You better keep blocking WMF file's
Microsoft has released a new security advisory describing a new vulnerability in older versions of Internet Explorer. Again a 'a specially crafted Windows Metafile (WMF) image' could allow remote code execution.
Still using?:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium.
Then you better keep the following 'Body Content type' rules in place:
WMF - 1: (MS06-001) (Also add *.wmf to "URL paths")
%0x01000900%*
WMF - 2:
%0x02000900%*
MS advisory
Still using?:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium.
Then you better keep the following 'Body Content type' rules in place:
WMF - 1: (MS06-001) (Also add *.wmf to "URL paths")
%0x01000900%*
WMF - 2:
%0x02000900%*
MS advisory
posted by Placebo at 11:17 AM
0 Comments:
Post a Comment
<< Home