Patch for major graphics vulnerability issued by Microsoft

@ 2004/09/15
September's monthly security update from Microsoft includes a patch for a rather serious vulnerability. Rated "critical" by Microsoft, the JPEG processing flaw allows malicious coders to hide executable code within a JPEG image file which could then be executed by the target system. The list of Microsoft products affected is lengthy, and includes Office 2003, Office XP, Windows XP SP1, Windows Server 2003, IE 6 SP1, Visio, and Project. A full list is available at Microsoft's security advisory page; users of Windows XP SP2 are not vulnerable.


Comment from jmke @ 2004/09/15
Direct link http://www.microsoft.com/technet/sec.../MS04-028.mspx

Local mirror of the file for WinXP and XP SP1 users (like me) : http://www.madshrimps.be/files/mirro...87-x86-ENU.EXE

 

reply