Why not get new tips and alerts by e-mail directly to your in-box? It's much more convenient:

We appreciate you looking at one of our alerts. However, to assure that you have the latest version in front of you, please always click the link above to visit the website, because small changes are made without e-mailing the alerts out again

Please share this information with your colleagues, because they will be thankful you did.

Yes ==> If you are like about another 90% of the people that use Windows Operating systems on your PC or server, this is a highly critical vulnerability.

A) The Threat may result in an attacker exploiting a vulnerable system. The exploit code is publicly available and being taken advantage of by some malicious users.

B) Vulnerability is as follows:

1. Do not open or preview untrusted files with the .wmf extension and,
2. set security level to "High" in Microsoft Internet Explorer by doing as follows.
   1. Tools > Internet Options > Security >click on custom level,
   2. Click on Reset custom level settings ==> reset to high (BUT this will make it tougher to log into certain websites using Explorer),
3. The best is a temporary fix that we endorse if you are tech savvy, it comes from Ilfak Guilfanov. The fix does does not remove any functionality from the system (all pictures and thumbnails continue to work normally - which they do not if you use option 2 above). This is a DLL which gets injected to all processes loading user32.dll. It patches the Escape() function in gdi32.dll. The result of the patch is that the SETABORT escape sequence is not accepted anymore.
   Ilfak Guilfanov: Vulnerability in Windows WMF metafile hotFix (2005-12-31).

Microsoft has released an out of cycle patch for the WMF file handling vulnerability described in Microsoft Security Advisory 912840 (see link further below).
Details regarding where to get the patch for your version of Windows/Server/XP, etc. including URLs can be found here:

• Microsoft Security Bulletin MS06-001 - 2005-01-05 - Jan 06 - GMT

• regsvr32 %windir%\system32\shimgvw.dll

If you installed the hotfix as we also recommended, you must do as follows with your PC, preferably before you download the patch to be safe:

1. Start, Control Panel, Add or Remove Programs
2. Uninstall 'Windows WMF Metafile Vulnerability HotFix',
3. restart your computer, and finally
4. download patch

Microsoft has issued an advisory:
Microsoft Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (2005-12-28).
The advisory provides you with more information.  

The vulnerability has been confirmed on a fully patched system running
- Microsoft Windows XP SP2,
- Microsoft Windows XP SP1, and
- Microsoft Windows Server 2003 SP0 / SP1 are reportedly also affected.

• CT210007: UPDATE 1 - Windows XP 101 - PART 1 - Grandma's Tricks - Regular Service & Tune Up ==> Turbo Charge XP 2005-08-30 ,
• CT210009: Windows XP 101 - PART 2 - Paris Hilton Knows CyTRAP's THREE Rules for Better Securing her PC with Windows Update 2005-10-24,
• Cookies - changing options in Mozilla, Firefox and Internet Explorer to better protect your privacy
• UPDATE 2 - Yes Virginia - phishing attacks are on the rise and getting meaner - we tell you how to surf safer

TIDBIT

While the CT210009: Windows XP 101 - Windows auto-update will download the patch eventually, it is not as fast as if you downloaded it using the link we provide above.