Instead of simply waiting for Microsoft's patch, the retailer relied on information from online bulletin boards to implement preventive controls such as intrusion-detection systems and URL, attachment and image filters, said the security director, who asked not to be identified. He said the company also had tested Guilfanov's patch and decided that it could be implemented on critical systems if the need arose.

Image problem

Key details about the Windows Metafile flaw:

What it is: A vulnerability caused by the manner in which the Windows Graphics Rendering Engine handles WMF files. Potential risks: Could enable malicious hackers to take full administrative control of vulnerable systems. Affected software: Windows 2000, Windows XP and Windows Server 2003. Possible exploit methods: Malicious Web pages, specially crafted e-mail attachments or Word documents with embedded WMF images.