Can all software exploits ever be patched? The answer is probably negative. Software creators keep releasing fixes and hackers keep trying to exploit weak points of certain applications. Report on MS Windows vulnerability appeared just after it was patched on 8th April. Even though two GDI (graphics device interface) bugs were supposedly fixed, it didn’t take long for security experts to notice the flaw. Microsoft marked vulnerabilities as “critical’, but apparently they weren’t critical enough to be fixed once and for all.
According to Symantec Corp., the GDI bugs can be dangerous for users of every Windows OS version and every service pack except for unreleased Windows XP SP3. Some may call it irony. The bugs can be exploited to run malicious code using Windows Metafile (WMF) or Enhanced Metafile (EMF). Those that have Windows running on their machines should be careful as several websites were spotted hosting malicious files related to WMF/EMF vulnerabilities.
The release date of Windows XP SP3 is still unknown, although second half of April was mentioned on early announcements.