Vulnerabilities
In December 2005, Symantec reported a vulnerability to Microsoft. By using a metafile to invoke a historic form of some printer management functions, Windows GDI could be tricked into executing data from the WMF file as code. It was assessed and classified as critical. A security update resolving the vulnerability (MS06-001) was published on Microsoft TechNet on January 5, 2006 and generally released on January 10, 2006. Details can be found in Microsoft Knowledge Base article 912919, "Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution". It was also referred to as the WMF (Windows Meta File) vulnerability.
Security expert Steve Gibson analysed the WMF vulnerability and reached the conclusion that it had been included intentionally by Microsoft as a "backdoor". This was denied by Stephen Toulouse, writing officially on behalf of Microsoft, and also by Microsoft employee Mark Russinovich, who explained what he said were several misunderstandings in Gibson's analysis.