Wednesday, August 24, 2016
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
AMD Increased GPU Market Share in Q2 2016
Chinese Firm Unveils 64-core CPU
PlayStation Now Coming to PC, DualShock 4 USB Wireless Adaptor Unveiled
Upgraded Tesla Car Get From 0 to 60 in 2.5 Seconds
Opera VPN App For Android Released
Microsoft Provides Glimpse Of 24-core Processor For HoloLens
Nvidia Unveils Parker, The Latest SOC For Autonomous Vehicles
Toshiba to Implement Eyefi Connected Features in Next FlashAir SD Cards
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > JPEG ha...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, September 15, 2004
JPEG handling flaw threatens PCs, Microsoft warns


A security flaw in the way many Microsoft applications process JPEG images could allow an attacker to gain control over a computer running the software, Microsoft warned Tuesday.

Any program that processes JPEG images could be vulnerable, Microsoft said in Security Bulletin MS04-028. To take advantage of the flaw, an attacker would have to persuade a user to open a specially crafted image file. The image could be hosted on a Web site, included in an e-mail, Office document or hosted on a local network, Microsoft said.

A wide range of Microsoft software, including various versions of its Windows and Office products, is vulnerable. Additionally, applications created with Microsoft's Visual Studio developer tool or the.Net Framework and third-party applications that distribute their own copy of the vulnerable JPEG parsing engine may also be vulnerable, Microsoft said.

Along with the Security Bulletin, Microsoft made available software updates to correct the flaw in its products. The software maker also offers a tool to scan a PC for certain installed products that are known to contain the vulnerable JPEG image processing engine.

Microsoft rates the flaw "important' for many of its products, but "critical" for Outlook versions 2002 and 2003, Internet Explorer 6 with Service Pack 1, Windows XP and Windows XP with Service Pack 1, Windows Server 2003, and the .Net Framework 1.0 with Service Pack 2 and .Net Framework 1.1, according to the Security Bulletin.

In Microsoft's rating system for security issues, vulnerabilities that could allow a malicious Internet worm to spread without any action required on the part of the user are rated critical. Issues that will not lead to the spread of a worm without any action taken by the user, but could still expose user data or threaten system resources, are rated important.

The JPEG flaw was reported privately to Microsoft and it was not disclosed prior to the Tuesday release of the warning and patches, the software maker said. There have been no reports of the issue being exploited, Microsoft said.

In addition to the JPEG issue, Microsoft on Tuesday as part of its monthly security patch release cycle warned of a flaw in the WordPerfect 5.x Converter that it supplies as part of Office 2000, Office XP, Office 2003 and recent editions of its Works Suite.

The WordPerfect converter flaw, which Microsoft rates "important," could allow an attacker to gain full control over a victim's PC, Microsoft said. A software patch is available for the vulnerable products to fix the problem.

More information on the JPEG flaw is available at:
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

More information on the WordPerfect converter issues is at:
http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx

From Computerworld Australia



Previous
Next
Victor JVC Everio Tiny Digital Camcorder        All News        Asustek to launch half-height Combo drives
DivXNetworks partners with Plextor     General Computing News      2004 E-CrimeWatch Survey Summary Findings

Source Link Get RSS feed Easy Print E-Mail this Message

Related News
Microsoft Cloud Strength Highlights Fourth Quarter Results
Microsoft Unveils The Stream Business Video Platform
Microsoft Offers New Subscription Options For Windows 10 and Surface for Businesses
Project Malmo, Which Lets Researchers Use Minecraft for AI research, Makes Public Debut
Microsoft Hints at New Surface Coming Soon
Microsoft Says Scorpio System will Not Offer Higher Frame Rates With Xbox One Games
LinkedIn Becomes Part Of Microsoft
Microsoft and Facebook To Link America With Europe Through 6,600 km Long Cable
Microsoft Streamlines its Smartphone Business, Axes Hundrends Of Jobs
Microsoft To Accelerate Delivery of Affordable Internet Access
Microsoft Is Selling Its Feature Phone Business to Foxconn, Nokia Mobiles Return
Microsoft Positions Windows 10 As A Platform for the Intelligence Revolution

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2016 - All rights reserved -
Privacy policy - Contact Us .