Microsoft late Monday downplayed the risk of newly reported bugs in Windows' graphic rendering engine, and disputed the labeling of the threats as vulnerabilities. According to the Redmond, Wash.-based developer, the new Windows Metafile flaws are only "performance issues."
Security company Symantec warned users on Monday that three new vulnerabilities in the Windows graphics engine could allow maliciously-crafted Windows Metafile (WMF) files to crash and likely compromise computers. The bugs, said Symantec, were related to the one patched last Thursday by Microsoft, but not fixed by that update.
Microsoft acknowledged the problem, but contended that it wasn't serious. "Microsoft's initial investigation has found that these are not security vulnerabilities but rather performance issues that could cause an application to stop responding," a spokesperson said late Monday afternoon in an e-mail to TechWeb.
"These issues do not allow an attacker to run code or crash the operating system," the spokesperson added. "They may cause the WMF application to crash, in which case the user may restart the application and resume activity."
Applications that display or preview include Windows Picture and File Viewer.