The Windows Metafile vulnerability—also called the Metafile Image Code Execution and abbreviated MICE—is a security vulnerability in the way some versions of the Microsoft Windows operating system handled images in the Windows Metafile format. It permits arbitrary code to be executed on affected computers without the permission of their users. It was discovered on December 27, 2005, and the first reports of affected computers were announced within 24 hours. Microsoft released a high-priority update to eliminate this vulnerability via Windows Update on January 5, 2006. Attacks using this vulnerability are known as WMF exploits.
The vulnerability was located in gdi32.dll and existed in all versions of Microsoft Windows from Windows 3.0 to Windows Server 2003 R2. However, attack vectors exist only in NT-based versions of Windows (Windows NT, Windows 2000, Windows XP and Windows Server 2003). Exploits taking advantage of the vulnerability on Windows NT-based systems facilitated the propagation of various types of malware, typically through drive-by downloads.
Due to extreme impact, this bug won the 2007 Pwnie Award for "Mass 0wnage" and "Breaking the Internet".
All versions of the Microsoft Windows operating system support the Windows Metafile graphics standard. All versions from Windows 3.0 to Windows Server 2003 R2 contain this security flaw. However, Windows NT 4.0 and Windows XP, unless patched, are more vulnerable than earlier versions because their default installation enables Windows Metafile code execution, the source of the vulnerability. Later versions of Windows do not have this vulnerability.