Microsoft has fixed a nasty Windows security hole that could hand control of your computer to an attacker. The patch offers welcome relief, because dozens of exploits for this vulnerability have been in circulation for weeks.

You can download the patch from

The problem lies in the way the Windows graphics engine handles WMF (Windows metafiles), particularly when those files are displayed in Microsoft's Picture and Fax Viewer. Microsoft created the WMF format to simplify the exchange of images between various apps. This bug isn't related to the WMF hole I reported last month.

If you view a boobytrapped WMF on a web page – perhaps on a banner advert – or click a link to a doctored image in an email or instant message, your system could be infected, letting the hacker take over.

All Windows versions from 2000 to XP are at risk. Moreover, XP and Windows Server 2003 are set to display WMFs automatically, according to security firm F-Secure. To change this default, you need to edit the Registry, which is a risky process. You are better off installing the patch to display such files safely.

Microsoft has also released a patch to take care of two dangerous holes in Internet Explorer that could leave you open to any number of diabolical actions. The flaws affect IE 5.01–6.0 running on Windows 98 SE to XP SP2. The first problem involves IE's ability to run a type of software called a COM object, which wasn't designed to run in IE. Various Windows programs use COM objects to communicate with one another.

ActiveX controls are COM objects that enable IE to perform special tasks such as playing a video in a browser window instead of, say, in a standalone media player. An attacker could take advantage of IE's ability to run this kind of COM object by creating one that, when run in IE, could commandeer your PC. You could launch an infection merely by visiting a web page that contains the malicious COM object.

The patch for the bug described in the January column prevented all attacks Microsoft was aware of at the time by modifying the Windows Registry to keep a set list of COM objects from running. The new patch is similar, except it blocks another list of COM objects.

The second IE hole concerns the way IE processes JavaScript. The bug has been known for months and everyone thought it could at worst result in an IE crash. But a UK-based researcher used it to take over a PC. Better still, the patch blocks Sony's infamous copy-protection rootkit.

This column appears as Bugs and fixes in the May 06 issue of PC Advisor, available now.