Vulnerabilities in GDI Could Allow Remote Code Execution (956802)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS08-071.
Impact
Successful exploitation could allow execution of arbitrary code on the remote system and cause heap based buffer overflow via a specially crafted WMF file. Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-071.mspx
Insight
The flaw is due to, - an overflow error in GDI when processing headers in Windows Metafile (WMF) files. - an error in the the way the GDI handles file size parameters in WMF files.
Affected
Microsoft Windows 2K/XP/2003/Vista/2008 Server
References