WMF exploits - Two new areas of vulnerability?
There may be two new possible areas of attack for malformed WMF files, which may not be covered by MS06-001? So far, no exploits in the wild have been reported and this new potential exposure should be carefully watched.
Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
QUOTE: Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data. Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well. Any code execution that occurs will be with the privileges of the user viewing a malicious image. An attacker may gain SYSTEM privileges if an administrator views the malicious file.