Originally posted here by the_JinX
It seems that 'older' windows versions are not vulnerable afterall..

http://blog.ziffdavis.com/seltzer/ar.../02/39680.aspx

http://www.hexblog.com/2006/01/wmf_v...y_checker.html
The nice people at hexblog have created a nice little vulnerability checker..
That isn't quite true. While only Windows XP and Server 2003 by default associate handlers with WMF files, in older systems (e.g. Windows 2000) applications may have easily associated WMF files with Windows handlers. For all we know, Microsoft Office may have done so. So it's quite possible that owners of Win2000 boxes are in danger.