ITSD Computing and Communications Services News
September, 2004

CCS News Home
Back Issues
Search CCS News
Computer Security
Help Request
Software Downloads
Computer Backups
Buy a Computer
Suggestion Box
Email
Calendar
Onsite Computer Training
ITSD
CIS
ISS
NTD
TEID
 

Microsoft Announces Fix for Major Security Flaw in Windows Systems, Applications

A major security flaw in the way Windows systems and applications handle the .jpeg graphics format could allow a rogue program to execute if a user simply views a .jpeg file on a web site and in other usage contexts. The execution of this program could allow an attacker to take over your system. Windows XP, Windows Server 2003 and many Microsoft applications, including Office 2003, Internet Explorer 6 with Service Pack 1, Microsoft Project, Visio, Picture It and Digital Image Pro, and others, are vulnerable. Microsoft has developed a tool to identify applications that are vulnerable, as well as a patch. More information about this vulnerability, the tool, and the patch is available online. This patch and others is also available online. Alternatively, you can download and install LBNL's cumulative patch ("megapatch") for your operating system. (This cumulative patch has been recently updated to include the hotfix for this bug).