MA-083.092004: MyCERT Special Alert - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution
Original Issue Date: 15th September 2004
Microsoft has announced a critical vulnerability in its software's handling of the ubiquitous JPEG graphics format and today released Microsoft Security Bulletin MS04-028 with the details.
The security hole is a buffer overflow: an attacker can craft a special JPEG file that could potentially take control of a victim's machine when the user views it through Internet Explorer, Outlook, Word, and other programs. The poisoned picture could be displayed on a website, sent in e-mail, or circulated on a P2P network.
Machines running Windows XP, Windows Server 2003 and Office XP are vulnerable. Older versions of Windows are also at risk if the user has installed any of the other Microsoft applications that use the same flawed code.
Windows XP Service Pack 2 does not contain the hole, but vulnerable versions of Office running atop it can still be attacked if not patched.
Details on this vulnerability and patches are available at:
Microsoft Security Bulletin MS04-028
MyCERT can be reached for assistance at: