• See Also
• Current Updates

• Microsoft Security Resources
• Security Incidents
• Security Resources

• Juniper Networks Product Solutions for Microsoft
• Get detailed information about Juniper solutions that protect your Microsoft environment:
• SSL VPNs
• Intrusion Prevention
• Firewall / VPN Central Management34 KB
• VPN Resiliency594 KB
• Denial of Service and Attack Prevention754 KB
• Antivirus Protection55 KB

November 2005

---

Prior Updates:

---

Login to learn more about how Juniper Networks products can protect you from these vulnerabilities. (If you don't already have a login, see Requesting Support.)

November 2005

Microsoft Security Bulletin MS05-053

Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

Severity: Critical
Vulnerabilities:

• Graphics Rendering Engine Vulnerability - CAN-2005-2123
  A remote code execution vulnerability exists in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats that could allow remote code execution on an affected system. Any program that renders WMF or EMF images on the affected systems could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
• Windows Metafile Vulnerability - CAN-2005-2124
  A remote code execution vulnerability exists in the rendering of Windows Metafile (WMF) image format that could allow remote code execution on an affected system. Any program that renders WMF images on the affected systems could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
• Enhanced Metafile Vulnerability - CAN-2005-0803
  A denial of service vulnerability exists in the rendering of Enhanced Metafile (EMF) image format that could allow any program that renders EMF images to be vulnerable to attack. An attacker who successfully exploited this vulnerability could cause the affected programs to stop responding.