Today we released two new security bulletins. MS04-028 is marked critical and there's specific action that Visual Studio users need to take with regards to this bulletin. Developers should read over the bulletin carefully and download and install the patches specific to Visual Studio .NET and the .NET Framework. Microsoft Security Bulletin Summary for September, 2004
Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
A remote code execution vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.
Note This vulnerability might require the installation of several security updates. Review the entire column in the Affected Software and Download Locations summary table for the MS04-028 bulletin identifier to verify the updates that you have to install, based on the programs or components that you have installed on your system.