From ArsTechnica Website:
Quote:
September's monthly security update from Microsoft includes a patch for a rather serious vulnerability. Rated "critical" by Microsoft, the JPEG processing flaw allows malicious coders to hide executable code within a JPEG image file which could then be executed by the target system. The list of Microsoft products affected is lengthy, and includes Office 2003, Office XP, Windows XP SP1, Windows Server 2003, IE 6 SP1, Visio, and Project. A full list is available at Microsoft's security advisory page; users of Windows XP SP2 are not vulnerable.
Surfers using Internet Explorer could have their PCs compromised merely by viewing an infected file. At this time there are no exploits circulating yet — not even a proof of concept. However, history tells us that worms and viruses follow closely on the heels of security updates. If you are running Office 2003 or XP, you will be directed to the Office Update site to download patches for the affected applications separately from Windows Update. With the open source Firefox nearing its 1.0 release, this latest critical vulnerability might encourage still more users to jump ship from Internet Explorer.
|
Link to article
http://arstechnica.com/news/posts/20040914-4187.html
Mircosoft Security page:
http://www.microsoft.com/technet/sec.../MS04-028.mspx
In simple words....viruses could come into your computer by using Jpeg files ( pictures ). You apply this security update and it will prevent such a thing......for now
Sep 16, 04
