[funsec] Are Office document files also an attack vector for the.WMF flaw?

Larry Seltzer larry at larryseltzer.com
Fri Dec 30 12:38:54 CST 2005

>>I suspect that a booby-trapped .WMF file can be embedded in Office files
(Word, Excel, PowerPoint, ....) and will auto-execute when a document file
is opened.   

There's a line about this in Microsoft's advisory
(http://www.microsoft.com/technet/security/advisory/912840.mspx): "Windows
Metafile (WMF) images can be embedded in other files such as Word documents.
Am I vulnerable to an attack from this vector?
No. While we are investigating the public postings which seek to utilize
specially crafted WMF files through IE, we are looking thoroughly at all
instances of WMF handling as part of our investigation. While we're not
aware of any attempts to embed specially crafted WMF files in, for example
Microsoft Word documents, our advice is to accept files only from trusted
source would apply to any such attempts."

OK, starts out with an emphatic "No" and then wooses out. Any new info on

Larry Seltzer
eWEEK.com Security Center Editor
Contributing Editor, PC Magazine
larryseltzer at ziffdavis.com 

More information about the funsec mailing list