Affected Systems
Windows Metafiles are extensively supported by all versions of the Microsoft Windows operating system. All versions from Windows 3.0 to the then-latest Windows Server 2003 R2 contain this security flaw. However, versions from Windows XP onwards are more severely affected than earlier versions, since they have a handler and reader for the WMF file in their default installation.
According to Steve Gibson's M.I.C.E. analysis, Windows NT 4 may be affected by known exploits if it has an Image Preview Feature enabled. Computers not susceptible to known exploits of the flaw (but potentially susceptible to future versions or as-yet undiscovered exploits) include those running other versions of Windows, without Image Previewing enabled, or those with hardware-based Data Execution Prevention (DEP) effective for all applications.
Machines running non-Windows operating systems (e.g. Mac OS, Linux, etc.) are not directly affected. A scenario in which such computers might become vulnerable would be where a third-party program or library, designed to view WMF files on a non-Windows system, used the native Windows GDI DLL, or a clone which copied the design flaw leading to this bug, e.g. through a Windows emulator or compatibility layer.
Steve Gibson stated that the vulnerability could be exploited in Wine, and has provided a tool called MouseTrap to detect this on all Windows and Windows emulator systems.
Read more about this topic: Windows Metafile Vulnerability
Famous quotes containing the words affected and/or systems:
“My first reading of Tolstoy affected me as a revelation from heaven, as the trumpet of the judgment. What he made me feel was not the desire to imitate, but the conviction that imitation was futile.”
—Ellen Glasgow (1873–1945)
“Before anything else, we need a new age of Enlightenment. Our present political systems must relinquish their claims on truth, justice and freedom and have to replace them with the search for truth, justice, freedom and reason.”
—Friedrich Dürrenmatt (1921–1990)