September 2004
For September the guys from Redmond, WA have released two new security bulletins. One, MS04-027 pertains to a flaw in the WordPerfect Converter- a tool to convert documents from the competing WordPerfect format so that they work in Microsoft products. Security Bulletin MS04-028 is rated as Critical. It relates to a flaw in the way JPEG graphic images are handled which could lead to remote code execution or allow an attacker to take control of the system. The big caveat with this one is that you need to apply the patch or update for all affected operating systems or applications which means you may have to install multiple patches on the same machine to fix this vulnerability. See the bulletins below for more information.
- Microsoft Security Bulletin MS04-027
Vulnerability in WordPerfect Converter Could Allow Code Execution
Microsoft Criticality: Important - Microsoft Security Bulletin MS04-028
Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution
Microsoft Criticality: Critical