Microsoft Multiple Products JPEG Processing Buffer

Secunia has issued security advisory SA12528 which it rates “highly critical”This one is a doozie! Six OS versions along with 27 applications are affected. Patching the holes could be a nightmare in environments that are running multiple applications, but it shouldn’t be too much of a problem for the average user.

The good news is: “Office 2003 Service Pack 1, Visio 2003 Service Pack 1, and Project 2003 Service Pack 1 are NOT affected. Also note that Windows XP Service Pack 2 is NOT vulnerable, but systems running this version may still be affected if a vulnerable Office, Visio, or Project application is installed.” Microsoft has made a tool available that can help identify vulnerable components.

Be sure to read up on this issue before you dive in and ruin an otherwise perfectly good evening — I suggest running the assessment tool first to see if you are at risk, then act accordingly.

Article Written by