Re: Microsoft Security Advisory (912840): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

#4 01-05-2006, 04:57 PM

It's new to XP SP2.

--

Mike - http://pages.prodigy.net/michael_santovec/techhelp.htm

"jt3" <jt3@cranky.computer> wrote in message
news:eNOfwGLDGHA.2956@TK2MSFTNGP14.phx.gbl...
> Since I cannot find the item to check about 'download images . . . '
> is this
> feature only on XP?
> Thanks,
> Joe
> "PA Bear" <PABearMVP@gmail.com> wrote in message
> news:u5S98wKDGHA.3984@TK2MSFTNGP14.phx.gbl...
>> X-posted to OE General, OE6, Security & Security.Homeusers NGs.
>> Followup-to: WinXP General
>>
>> Kerry Brown wrote:
>> > > X-post to Security, Security.Homeusers, IE6 & WinXP General
>> > > newsgroups. Followup set to microsoft.public.security.
>> > >
>> > > Microsoft Security Advisory (912840): Vulnerability in Graphics
>> > > Rendering Engine Could Allow Remote Code Execution
>> > > http://www.microsoft.com/technet/sec...ry/912840.mspx
>> > >
>> > > Welcome to the Microsoft Security Response Center Blog!
>> > > New Security Advisory for Possible Windows Vulnerability
>> > > http://blogs.technet.com/msrc/archiv...29/416569.aspx
>> >
>> > As an addendum. This exploit is being used right now. I just
>> > received a
>> > customer's computer that was infected with Spy Sherriff by this
>> > method.
>> > The exploit was in a spam email. Turn off the preview pane in OE
>> > (always
>> > a good idea) and turn off the Windows picture and fax viewer until
>> > Microsoft has a fix.
>>
>> Preview Pane should be OK if...
>>
>> OE: Tools > Options > Read > Read all messages in Plain Text (check)
>>
>> OE: Tools>Options>Security>Download images... (check)
>>
>> See
>>
> http://www.microsoft.com/technet/pro.../sp2email.mspx
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP,
>> DTS-L.org
>>
>
>