"Microsoft published on Tuesday a patch for a major security flaw in its software's handling of the JPEG graphics format and urged customers to use a new tool to locate the many applications that are vulnerable.
The critical flaw has to do with how Microsoft's operating systems and other software process the widely used JPEG image format and could let attackers create an image file that would run a malicious program on a victim's computer as soon as the file is viewed. Because the software giant's Internet Explorer browser is vulnerable, Windows users could fall prey to an attack just by visiting a Web site that has affected images. " - ZDnetIndia
The GDI+ security update for September 2004 addresses newly discovered issues in JPEG processing technology. This issue affects software that supports this image format, including some versions of Microsoft Windows, Microsoft Office, and Microsoft developer tools. If you have any of the listed software installed on your computer, you should install the related update.
Depending on the software you are using, you may need to install multiple updates from multiple locations.
Windows XP Service Pack 2 (SP2) is not affected by this issue. Windows XP SP2 users only need to update Office (if installed).
Step 1 (For Users of Windows XP, Windows XP SP1, or Windows Server 2003): Update Windows
The Windows Update Web site provides updates for affected versions of Windows, the .NET Framework, and Internet Explorer, a component of Windows.
Read the full story at: *www.microsoft.com/security/bulletins/200409_jpeg.mspx
The critical flaw has to do with how Microsoft's operating systems and other software process the widely used JPEG image format and could let attackers create an image file that would run a malicious program on a victim's computer as soon as the file is viewed. Because the software giant's Internet Explorer browser is vulnerable, Windows users could fall prey to an attack just by visiting a Web site that has affected images. " - ZDnetIndia
The GDI+ security update for September 2004 addresses newly discovered issues in JPEG processing technology. This issue affects software that supports this image format, including some versions of Microsoft Windows, Microsoft Office, and Microsoft developer tools. If you have any of the listed software installed on your computer, you should install the related update.
Depending on the software you are using, you may need to install multiple updates from multiple locations.
Windows XP Service Pack 2 (SP2) is not affected by this issue. Windows XP SP2 users only need to update Office (if installed).
Step 1 (For Users of Windows XP, Windows XP SP1, or Windows Server 2003): Update Windows
The Windows Update Web site provides updates for affected versions of Windows, the .NET Framework, and Internet Explorer, a component of Windows.
Read the full story at: *www.microsoft.com/security/bulletins/200409_jpeg.mspx