A researcher with the pseudonym of cyanid-E yesterday published a new WMF vulnerability, which he says he reported to Microsoft in late June. The vulnerability exploits the same GDI Client DLL library (gdi32.dll) as did the previous zero-day WMF flaw WMF flaw...Unlike its predecessor, though, the new WMF vulnerability is considered low-risk -- so far, it only crashes Internet Explorer and other apps that use the DLL...