Re: Microsoft Security Advisory (912840): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

#5 01-05-2006, 04:57 PM

Thank you, both.

Joe
"jt3" <jt3@cranky.computer> wrote in message
news:eNOfwGLDGHA.2956@TK2MSFTNGP14.phx.gbl...
> Since I cannot find the item to check about 'download images . . . ' is
this
> feature only on XP?
> Thanks,
> Joe
> "PA Bear" <PABearMVP@gmail.com> wrote in message
> news:u5S98wKDGHA.3984@TK2MSFTNGP14.phx.gbl...
> > X-posted to OE General, OE6, Security & Security.Homeusers NGs.
> > Followup-to: WinXP General
> >
> > Kerry Brown wrote:
> > > > X-post to Security, Security.Homeusers, IE6 & WinXP General
> > > > newsgroups. Followup set to microsoft.public.security.
> > > >
> > > > Microsoft Security Advisory (912840): Vulnerability in Graphics
> > > > Rendering Engine Could Allow Remote Code Execution
> > > > http://www.microsoft.com/technet/sec...ry/912840.mspx
> > > >
> > > > Welcome to the Microsoft Security Response Center Blog!
> > > > New Security Advisory for Possible Windows Vulnerability
> > > > http://blogs.technet.com/msrc/archiv...29/416569.aspx
> > >
> > > As an addendum. This exploit is being used right now. I just received
a
> > > customer's computer that was infected with Spy Sherriff by this
method.
> > > The exploit was in a spam email. Turn off the preview pane in OE
(always
> > > a good idea) and turn off the Windows picture and fax viewer until
> > > Microsoft has a fix.
> >
> > Preview Pane should be OK if...
> >
> > OE: Tools > Options > Read > Read all messages in Plain Text (check)
> >
> > OE: Tools>Options>Security>Download images... (check)
> >
> > See
> >
>
http://www.microsoft.com/technet/pro.../sp2email.mspx
> > --
> > ~Robear Dyer (PA Bear)
> > MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
> >
>
>