[Webpro] JPEG Vulnerability
listadmin
info at webdesign-list.com
Tue Sep 28 03:25:04 EDT 2004
Hi all
Seems that Microsoft finally managed to be vulnerable to JPEG
images with their newer software versions. Where does that lead
to? Good-bye internet - ?
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
Office XP, Visio 2002, Project 2002, Office 2003, Visio 2003 and
Project 2003 are affected. If you're running Win 2000 and didn't
install a recent Office package, your system might not be affected.
Microsoft says that 'In a Web-based attack scenario, an attacker
would have to host a Web site that contains a Web page that is
used to exploit this vulnerability. An attacker would have no way
to force users to visit a malicious Web site. Instead, an attacker
would have to persuade them to visit the Web site, typically by
getting them to click a link that takes them to the attacker's
site.'
Comments welcome! :)
Mike
More information about the Webpro
mailing list