Microsoft Security Bulletin Summary for September 2004

Critical (1)
Bulletin Identifier - Microsoft Security Bulletin MS04-028

Bulletin Title - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)

Executive Summary - A remote code execution vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.

Maximum Severity Rating - Critical

Impact of Vulnerability - Remote Code Execution

Affected Software - Windows, Office, Developer, Internet Explorer, and others. For more information, see the Affected Software and Download Locations section for details.

Note This vulnerability might require the installation of several security updates. Review the entire column in the Affected Software and Download Locations summary table for the MS04-028 bulletin identifier to verify the updates that you have to install, based on the programs or components that you have installed on your system.

Important (1)
Bulletin Identifier - Microsoft Security Bulletin MS04-027

Bulletin Title - Vulnerability in WordPerfect Converter Could Allow Code Execution (884933)

Executive Summary - A remote code execution vulnerability exists in the WordPerfect 5.x converter that is provided as part of the affected software that could allow remote code execution on an affected system.

Maximum Severity Rating - Important

Impact of Vulnerability - Remote Code Execution

Affected Software - Office, FrontPage, Works, and Publisher. For more information, see the Affected Software and Download Locations section.