Advisory: Malicious WMF files stored in Opera's cache can infect Windows

Summary

Windows Meta Files (.wmf) can contain executable code. A specially crafted WMF file can infect Microsoft Windows with malicious software when it is opened with Windows' own WMF parser. Opera itself is not affected, but if vulnerable programs open WMF files in Opera's cache, they can be infected.

Severity: High

Problem description

WMF files stored in Opera's cache can be read by other programs, in some cases without user interaction. Programs such as Google Desktop that continuously index the user's files will pass the files in the cache to Windows, which is vulnerable to malicious WMF files.

Windows recognizes WMF files as such even when they do not have the .wmf extension, so filtering out files with the .wmf extension will not eliminate the problem. There are exploits in circulation that mask the malicious code with large chunks of padding, which makes any effective scanning very resource intensive. Thus, even fully updated filtering firewalls and anti-virus software can fail to provide adequate protection.
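Because the format is recognized by content rather than by name, an audit of a cache directory has to look at the leading bytes of every file. The sketch below is an added example, not code from Opera or Microsoft: it flags any file whose first bytes match the WMF header layout (the optional placeable key 0x9AC6CDD7, then a standard header with type 1 or 2, a header size of 9 words and version 0x0100 or 0x0300). The file names and the sample directory are constructed, and the check identifies the format only; it does not judge whether a metafile is malicious.

```python
import os
import struct
import tempfile

PLACEABLE_KEY = b"\xd7\xcd\xc6\x9a"      # 0x9AC6CDD7, little-endian
PLACEABLE_LEN = 22                        # optional "placeable" pre-header
META_HEADER = struct.Struct("<HHHIHIH")   # 18-byte standard WMF header

def looks_like_wmf(head: bytes) -> bool:
    """Decide from leading bytes only; the file name is never consulted."""
    offset = PLACEABLE_LEN if head.startswith(PLACEABLE_KEY) else 0
    if len(head) < offset + META_HEADER.size:
        return False
    ftype, hdr_words, version = META_HEADER.unpack_from(head, offset)[:3]
    return ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300)

def find_wmf_by_content(root: str) -> list:
    """Return paths under root whose content starts with a WMF header."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(PLACEABLE_LEN + META_HEADER.size)
            except OSError:
                continue  # locked or unreadable entry: skip, do not abort
            if looks_like_wmf(head):
                hits.append(path)
    return sorted(hits)

def demo() -> list:
    """Constructed cache directory: header bytes only, no drawing records."""
    std = META_HEADER.pack(1, 9, 0x0300, 9, 0, 0, 0)
    samples = {
        "entry1.jpg": PLACEABLE_KEY + bytes(18) + std,  # WMF named .jpg
        "entry2": std,                                   # WMF, no extension
        "entry3.wmf": b"plain text, not a metafile",     # .wmf in name only
        "entry4.png": b"\x89PNG\r\n\x1a\n" + bytes(32),  # PNG signature
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return [os.path.basename(p) for p in find_wmf_by_content(root)]

if __name__ == "__main__":
    print(demo())
```

An extension filter would have reported only `entry3.wmf`, which is not a metafile, and missed both files that are.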

Opera's response

This is a vulnerability in Microsoft Windows, and Microsoft has already made an update available: Microsoft Security Bulletin MS06-001. Opera recommends that Windows users install the update, either manually or through Windows Update.

