Windows flaw could hit enterprise systems

Analyst Gartner is warning that a flaw in Windows Meta File (WMF) code in Windows could be a risk to "many" enterprise IT systems, and not just those that directly use the affected process.

Security companies are already warning that the flaw in the Microsoft image-rendering process has spawned dozens of attacks since its discovery last week.

Gartner warned in a research note: "This critical vulnerability could damage many enterprise systems, not just those that directly use the affected process."

The analyst group added: "Mitigating this vulnerability will be difficult", because it is within a Dynamic Link Library file used by an unknown number of applications.

Gartner is recommending companies block WMFs in email attachments and web downloads for "immediate, partial protection until a patch can be deployed".

The note, written by analysts Amrit Williams, Jay Heiser and Neil MacDonald, said URL filtering products should be activated and inline network intrusion prevention systems, antivirus and anti-spyware tools should be updated with the latest signature updates.

Microsoft aims to release a security update to address the vulnerability on 10 January, as part of its monthly release of security bulletins.

A third-party patch is available but Gartner recommends against the use of this unsupported patch, particularly by large enterprises, "because the patch would require extensive testing and eventual de-installation and could introduce additional risk".