Windows users have a new critical vulnerability to worry about, and this one's potentially nasty. According to Microsoft, a buffer overrun in JPEG processing could allow remote code execution. A host of operating systems and applications are affected, including Windows XP SP1, Windows Server 2003, Office XP and 2003, and several versions of Project, Visio, Visual Studio .NET, just to name a few.
As ZDNet points out, this latest vulnerability has the potential to be very nasty:
The critical flaw has to do with how Microsoft's operating systems and other software process the widely used JPEG image format and could let attackers create an image file that would run a malicious program on a victim's computer as soon as the file is viewed. Because the software giant's Internet Explorer browser is vulnerable, Windows users could fall prey to an attack just by visiting a Web site that has affected images.Time to get patching. Thanks to TR reader JT for the tip.
|Gigabyte SA-SBCAP3350 puts formidable power on a single board||12|
|Alphacool Eisblock HDX-2 and HDX-3 help M.2 SSDs beat the heat||10|
|Corsair Lighting Pro Expansion Kit lets builders turn up the lights||8|
|Adata D16750 power bank is tougher than the average juice pack||16|
|Deals of the week: fast memory, an AM4 motherboard, and more||18|
|Corsair RMx White Series PSUs take a walk on the snowy side||24|
|Intel crams 100 GFLOPS of neural-net inferencing onto a USB stick||41|
|Toshiba's XG5 1TB NVMe SSD reviewed||9|
|Microsoft and Johnson Controls put Cortana in a thermostat||26|