Microsoft MS04-028 Update 9/28/04 4:00pm
Microsoft has released Microsoft Security Bulletin MS04-028 regarding a vulnerability in Microsoft's GDI+ component responsible for JPEG Processing. This vulnerability could allow an attacker to take control of an affected system. When exploited the attacker gains the privileges of the logged in user.
The vulnerabilities affect the following products:
- Microsoft Windows XP with and without Service Pack 1
- Microsoft Windows 2003 Server
- Microsoft Office XP Service Pack 2 and 3
- Microsoft Office 2003
- Microsoft Project 2000 and 2003
- Microsoft Visio Service Pack 1 and 2
- Microsoft Visio 2003
- Microsoft Visual Studio .NET 2002 and 2003
- Microsoft .NET Framework 1.0 Service Pack 2 and .NET Framework 1.1
- Microsoft Producers for Microsoft PowerPoint
- Microsoft Internet Explorer 6 Service Pack 2
For more information see http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx from Microsoft.
Patches are available here
|