NOTE: at the end of this message is an additional list of
environments/applications that could be affected by this vulnerability:
---------------------------------------------------------------
From: alerts(a)us-cert.gov
Subject: US-CERT Cyber Security Alert SA04-258A -- Vulnerability in
Microsoft Image Processing Component
Date: September 14, 2004 6:18:58 PM GMT-05:00
To: alerts(a)us-cert.gov
Cyber Security Alert SA04-258A
Vulnerability in Microsoft Image Processing Component
Original release date: September 14, 2004
Last revised: --
Source: US-CERT
Systems Affected
  * Applications that process JPEG images on Microsoft Windows,
    including but not limited to
      * Internet Explorer
      * Microsoft Office
      * Microsoft Visual Studio
      * Picture It!
  * Applications from other vendors besides Microsoft
Overview
An attacker may be able to gain control of your computer by taking
advantage of the way some programs process the JPEG image format.
Solution
Apply a patch
Microsoft has issued updates to address the problem. Obtain the
appropriate update from Windows Update and from Office Update.
Note: You may need to install multiple patches depending on what
software you have on your computer.
Use caution with email attachments
Never open unexpected email attachments. Before opening an
attachment, save it to a disk and scan it with anti-virus software.
Make sure to turn off the option to automatically download
attachments.
View email messages in plain text
Email programs like Outlook and Outlook Express interpret HTML code
the same way that Internet Explorer does. Attackers may be able to
take advantage of that by sending malicious HTML-formatted email
messages.
Maintain updated anti-virus software
It is important that you use anti-virus software and keep it up to
date. Most anti-virus software vendors frequently release updated
information, tools, or virus databases to help detect and recover
from virus infections. Many anti-virus packages support automatic
updates of virus definitions. US-CERT recommends using these
automatic updates when possible.
Description
Microsoft Windows Graphics Device Interface (GDI+) is used to
display information on screens and printers, including JPEG image
files. An attacker could execute arbitrary code on a vulnerable
system if the user opens a malicious JPEG file via applications
such as a web browser, email program, internet chat program, or via
email attachment. Any application that uses GDI+ to process JPEG
image files is vulnerable to this type of attack. This
vulnerability also affects products from companies other than
Microsoft.
References
* September 2004 Security Update for JPEG Processing (GDI+) -
<http://www.microsoft.com/security/bulletins/200409_jpeg.mspx>
* US-CERT Vulnerability Note VU#297462 -
<http://www.kb.cert.org/vuls/id/297462>
_________________________________________________________________
Author: Mindi McDowell. Feedback can be directed to US-CERT, at
"US-CERT Security Alerts" at <mailto:cert@cert.org>. Please include
the Subject line "SA04-258A Feedback VU#297462".
_________________________________________________________________
Copyright 2004 Carnegie Mellon University.
Terms of use: <http://www.us-cert.gov/legal.html>
This document is available from
<http://www.us-cert.gov/cas/alerts/SA04-258A.html>
Revision History
September 14, 2004: Initial release
MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow
Code Execution (833987)
  - Affected Software:
    - Windows XP and Windows XP Service Pack 1
    - Windows XP 64-Bit Edition Service Pack 1
    - Windows XP 64-Bit Edition Version 2003
    - Windows Server 2003
    - Windows Server 2003 64-Bit Edition
    - Office 2003
    - Office XP Service Pack 3
    - Visio 2003 (All versions)
    - Visio 2002 Service Pack 2 (All versions)
    - Project 2003 (All versions)
    - Project 2002 Service Pack 1 (All versions)
    - Review bulletin MS04-028 for information about
      these affected operating systems and applications:
      - Windows NT Workstation 4.0 Service Pack 6a
      - Windows NT Server 4.0 Service Pack 6a
      - Windows NT Server 4.0 Terminal Server Edition
        Service Pack 6
      - Windows 2000 Service Pack 2
      - Windows 2000 Service Pack 3
      - Windows 2000 Service Pack 4
      - The Microsoft .NET Framework, version 1.0
      - The Microsoft .NET Framework, version 1.1
      - Internet Explorer 6 Service Pack 1
      - Picture It! 2002 (All versions)
      - Greetings 2002
      - Picture It! version 7.0 (All versions)
      - Digital Image Pro version 7.0
      - Picture It! version 9 (All versions)
        (Including Picture It! Library)
      - Digital Image Pro version 9
      - Digital Image Suite version 9
      - Producer for Microsoft Office PowerPoint
        (All versions)
      - Visual Studio 2003 .NET
      - Visual Basic .NET Standard 2003
      - Visual C# .NET Standard 2003
      - Visual C++ .NET Standard 2003
      - Visual J# .NET Standard 2003
      - Visual Studio 2002 .NET
      - Visual Basic .NET Standard 2002
      - Visual C# .NET Standard 2002
      - Visual C++ .NET Standard 2002
      - The Microsoft .NET Framework, version 1.0 SDK
      - Platform SDK Redistributable: GDI+
    - Review the FAQ section of bulletin MS04-028 for
      information about these operating systems:
      - Microsoft Windows 98
      - Microsoft Windows 98 Second Edition (SE)
      - Microsoft Windows Millennium Edition (ME)
  - Impact: Remote Code Execution
  - Version Number: 1.0
Important Security Bulletins
============================
MS04-027 - Vulnerability in WordPerfect Converter Could
Allow Code Execution (884933)
  - Affected Software:
    - Office 2003
    - Office XP Service Pack 3
    - Office 2000 Service Pack 3
    - Works Suite (All versions)
  - Impact: Remote Code Execution
  - Version Number: 1.0
...from:
http://www.pointwise.com/
http://www.pointwise.com/pr/04-08.shtml
http://www.ilight.com/
http://www.macworld.com/news/2004/09/07/cfd/index.php/?lsrc=mcrss-0904
New CFD tools coming to Mac OS X
By Brad Cook bcook(a)maccentral.com
Pointwise Inc. and Intelligent Light made a joint announcement on
Tuesday that their computational fluid dynamics (CFD) tools Gridgen and
Fieldview will soon become available for Mac OS X. The companies cited
their NASA customers who have moved to the Mac as the impetus for
porting the two applications. Pointwise's Gridgen software enables
engineers and scientists to generate meshes used to create 3D models
while Intelligent Light's Fieldview supplies the post-processing tools
needed to interpret the results of tests applied to such models.
Neither company offered precise availability dates for the
applications, nor had either of them updated their Web sites with
system requirements and other information for the Mac OS X versions of
the software. Contact Pointwise and Intelligent Light for pricing
information.
Fieldview examples:
http://www.ilight.com/animations/fish4_small.mpg
(41k) - This movie shows periodic wake shedding in proximity of a
swimming fish, and was visualized with FIELDVIEW. The work was
created by Tim Warburton of Brown University
http://www.ilight.com/animations/matsu.mpeg
(847Kb) - This animation shows the cross flow from an impeller. - Data
courtesy of Matsushita Electric Industrial Co., Ltd.
...more at:
http://www.ilight.com/raps.htm
...from:
http://docs.info.apple.com/article.html?artnum=61798
Security Update 2004-09-07
This Security Update is available for the following system versions:
- Mac OS X 10.3.4
- Mac OS X 10.3.5
- Mac OS X Server 10.3.4
- Mac OS X Server 10.3.5
- Mac OS X 10.2.8
- Mac OS X Server 10.2.8
Summary:
Apple on Tuesday released Security Update 2004-09-07 delivering a
number of security enhancements. The update, which is recommended for
all users, updates the CoreFoundation; IPSec; Kerberos; libpcap;
lukemftpd; NetworkConfig; OpenLDAP; OpenSSH; PPPDialer; rsync; Safari;
and tcpdump. The update is available via the Software Update control
panel.
Details available at:
http://docs.info.apple.com/article.html?artnum=61798
...from:
http://support.lexmark.com/cgi-perl/recall.cgi?ccs=37:1:0:0:0:0&target=http://support.lexmark.com/cgi-perl/recall.cgi&emeaframe=&emeaframe=&target=http://support.lexmark.com/cgi-perl/recall.cgi&target=http://support.lexmark.com/cgi-perl/recall.cgi&&req=1:1:0:0:0:0
SAFETY RECALL NOTICE
Lexmark is conducting a voluntary recall of the E230, E232, E232t,
E330, E332, E332n, or E332tn models. This recall is being done in
cooperation with consumer safety agencies around the world.
Lexmark has not received any reports of incidents or injuries
involving these printers. However, through internal reliability testing
Lexmark identified a potential safety issue in one printer after the
equivalent of several years of normal usage. In the unlikely event of a
multiple component failure, the printer could present an electrical
shock hazard if it is connected to an ungrounded power source.
For safety reasons, we ask that you unplug your printer from its power
source before checking to see if you have one of the printers subject
to this recall. In case your printer is connected to an ungrounded
power source, we ask that you not open the covers, not turn off the
printer, not touch the back of the printer, and not touch anything else
connected to the printer prior to unplugging it.
If you purchased your printer prior to Aug. 20, 2004, your printer is
subject to this recall. Please click the following link to initiate the
replacement process:
To replace your product click here
If you purchased your printer after Aug. 20, 2004, you will need to
click on the following link to determine if your printer is subject to
this recall.
Determine if your printer is part of the recall