As we reported earlier, a vulnerability, which allows code execution, has been found in Microsoft's GDI+ JPEG decoder. Microsoft has posted detailed information on the vulnerability and affected systems in MS04-028.

A proof-of-concept exploit which executes code on the victim's computer when opening a JPG file has been posted to a public website.



For anybody with unpached systems it is time to patch now.