Although Microsoft has issued a patch for the infamous Windows Metafile Format (WMF) file format flaw that was heavily exploited by malicious hackers over the past few weeks, it appears that WMF has other issues. This week, two more problems associated with WMF were discovered by security researchers. Although Microsoft made similar claims in late December about the initial WMF flaw, the company says the new issues are not serious.
"Microsoft's initial investigation has found that these are not security vulnerabilities but rather performance issues that could cause an application to stop responding," a Microsoft representative said this week. "\[The flaw\] might cause the WMF application to crash, in which case the user might restart the application and resume activity." In other words, unlike the previous flaw, these new problems can't cause the OS to crash or allow a hacker to remotely take control of a Windows.
It's not surprising that new flaws were found in WMF so quickly after a major exploit because hackers tend to closely examine code components that are compromised, looking for other avenues of attack. Similar incidents of multiple flaw discoveries have occurred after other major code releases.
Meanwhile, Microsoft says that the WMF flaw has caused the company to reevaluate its source code again, and it's taking the time to look for similar flaws. In a discussion with News.com, Debby Fry Wilson, director of Microsoft's security response center, said that the company was specifically looking over its code for flaws that could be exploited by the same class of attack that exploited the WMF flaw. "Customers can be certain that we will be scrubbing the code to look for any other points of vulnerability based on this kind of attack," she said.