Windows WMF Vulnerability
Thursday, 05 January 2006 22:36

Last week Secunia published security advisory SA18255 ("Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution"). In this advisory Secunia warns of an 'extremely critical' vulnerability found in ... Microsoft Windows Server 2003 Datacenter Edition:

"The vulnerability is caused due to an error in the handling of Windows Metafile files (".wmf") containing specially crafted SETABORTPROC "Escape" records. Such records allow arbitrary user-defined function to be executed when the rendering of a WMF file fails. This can be exploited to execute arbitrary code by tricking a user into opening a malicious ".wmf" file in "Windows Picture and Fax Viewer" or previewing a malicious ".wmf" file in explorer (i.e. opening a folder containing a malicious image file).

"Do not save, open or preview untrusted image files from email or other sources, or open untrusted folders and network shares in explorer. Set security level to "High" in Microsoft Internet Explorer to prevent automatic exploitation. The risks can be mitigated by unregistering "Shimgvw.dll". However, this will disable certain functionalities. Secunia do not recommend the use of this workaround on production systems until it has been thoroughly tested."

Microsoft will bring out a patch for this vulnerability on January 10th, but an internal build of Microsoft's WMF security patch has LEAKED prematurely onto the Net! See "Breaking News" below for detailed information.

While the whole world waits for this official Microsoft security update, Ilfak Guilfanov developed a "Patch" to temporarily protect Windows users from exploitation of the WMF vulnerability. For enterprise deployment you could find an MSI package in the Handler's Diary. However, Microsoft just released an early release of their WMF patch, so this has been taken offline. Details about Microsoft's patch can be downloaded over here. This patch isn't available in an MSI package format yet ...
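
The Python below is an added example, not code from this post, Secunia or Microsoft: it walks the records of a ".wmf" file and reports "Escape" records whose escape function is SETABORTPROC, the record type the advisory describes. The numeric constants come from the published WMF format; the function names and the two sample files are constructed for illustration and carry no escape data.

```python
import struct

# Values from the published WMF format; all names here are illustrative.
PLACEABLE_KEY = 0x9AC6CDD7  # magic of the optional 22-byte placeable header
META_ESCAPE = 0x0626        # RecordFunction of an "Escape" record
META_EOF = 0x0000           # RecordFunction of the terminating record
SETABORTPROC = 0x0009       # EscapeFunction named in the advisory


def find_setabortproc(data):
    """Return byte offsets of Escape records that request SETABORTPROC."""
    pos = 0
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == PLACEABLE_KEY:
        pos = 22
    if len(data) < pos + 18:
        raise ValueError("too short for a WMF header")
    mtype, header_words = struct.unpack_from("<HH", data, pos)
    if mtype not in (1, 2) or header_words != 9:
        raise ValueError("not a WMF header")
    pos += 18
    hits = []
    while pos + 6 <= len(data):
        size_words, function = struct.unpack_from("<IH", data, pos)
        if function == META_EOF or size_words < 3:
            break  # end of file, or a size that would stall the walk
        if function == META_ESCAPE and pos + 8 <= len(data):
            if struct.unpack_from("<H", data, pos + 6)[0] == SETABORTPROC:
                hits.append(pos)
        pos += size_words * 2
    return hits


def build_record(function, params=b""):
    """Build one record: size in 16-bit words, function, parameters."""
    return struct.pack("<IH", 3 + len(params) // 2, function) + params


def build_sample(records):
    """Constructed metafile: 18-byte header, the records, then META_EOF."""
    body = b"".join(records) + build_record(META_EOF)
    return struct.pack("<HHHIHIH", 1, 9, 0x0300, 9 + len(body) // 2, 0, 0, 0) + body


# Constructed inputs: neither carries any escape data.
SETMAPMODE = build_record(0x0103, struct.pack("<H", 1))
BENIGN = build_sample([SETMAPMODE])
FLAGGED = build_sample([SETMAPMODE, build_record(META_ESCAPE, struct.pack("<HH", SETABORTPROC, 0))])
```

The walk follows the declared record sizes and stops at the first malformed one, so an empty result is a triage signal for mail or file-share scanning and not proof that a file is safe to render.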

Last Updated on Thursday, 05 January 2006 22:57