Intrusion Prevention

MS.Windows.GRE.WMF.Handling.Memory.Read.Exception

Description

This indicates an attempt to exploit a denial of service vulnerability in Microsoft Windows Graphics Rendering Engine.
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service. The vulnerability can be exploited to cause an application crash via a WMF file containing ExtCreateRegion or ExtEscape function calls with arguments with inconsistent lengths.

Affected Products

Microsoft Windows XP SP2
Microsoft Windows XP SP1
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003
Microsoft Windows ME
Microsoft Windows 98se
Microsoft Windows 98
Microsoft Windows 2000SP4

Impact

Denial of service.

Recommended Actions

Unregister the Windows Picture and Fax Viewer (Shimgvw.dll)(see MS06-001).

CVE References

CVE-2006-0143