Microsoft has finally fixed a nasty Windows security hole that could hand control of your computer to an attacker. The patch offers welcome relief, because dozens of exploits for this vulnerability have been in circulation for weeks. You can download the patch from www.microsoft.com/technet/security/bulletin/ms06-001.mspx.
The problem lies in the way the Windows graphics engine handles WMF (Windows metafiles), particularly when those files are displayed in Microsoft's Picture and Fax Viewer. Microsoft created the WMF format to simplify the exchange of images between various apps. This bug isn't related to the WMF hole I reported last month.
If you view a booby-trapped WMF on a Web page - perhaps on a banner advert - or click a link to a doctored image in an e-mail or instant message, your system could be infected, letting the hacker take over.
All Windows versions from 2000 to XP are at risk. Moreover, XP and Windows Server 2003 are set to display WMFs automatically, according to security firm F-Secure. To change this default, you need to edit the Registry, which is a risky process. You are better off installing the patch to display such files safely.
Two-in-one patch for IE
Microsoft has also released a patch to take care of two dangerous holes in Internet Explorer that could leave you open to any number of diabolical actions. The flaws affect IE 5.01 to 6.0 running on Windows 98 SE to XP SP2. The first problem involves IE's ability to run a type of software called a COM object, which wasn't designed to run in IE. Various Windows programs use COM objects to communicate with one another.
ActiveX controls are COM objects that enable IE to perform special tasks such as playing a video in a browser window instead of, say, in a standalone media player. An attacker could take advantage of IE's ability to run this kind of COM object by creating one that, when run in IE, could commandeer your PC. You could launch an infection merely by visiting a Web page that contains the malicious COM object.
An earlier patch related to this particular kind of problem prevented all attacks Microsoft was aware of at the time by modifying the Windows Registry to keep a set list of COM objects from running. The new patch (www.microsoft.com/technet/security/bulletin/ms05-054.mspx) is similar, except it blocks another list of COM objects.
Imagine your panic if you tried to do a system restore on your computer and got a warning saying that your backups were corrupt and unusable. Many users of Acronis True Image 9.0 have reported that very nightmare.
Acronis confirmed the bug and said the corrupted archives errors were just that - an error. The archives are good and the problem has been fixed. To prevent mishaps, registered users should download the latest build at www.acronis.com/homecomputing/support/updates.
For more about ensuring your data is reliably backed up, take a look at the May issue's USB feature on page 53.