Late in the day on Tuesday, January 4, Microsoft released security advisory 2490606 for an unpatched vulnerability in the Windows Graphics Rendering engine for Windows XP, Vista, Server 2003 and Server 2008 (32bit, 64 bit and Itanium versions) NOT designated as R2. A working exploit of the vulnerability (on Windows XP systems) has been released. To exploit the vulnerability, an attacker must convince a user to visit a specially crafted malicious Web page, or to open a malicious Word or PowerPoint file. Secunia refers to the vulnerability as a ‘thumbnail bitmap parsing buffer overflow’ – http://secunia.com/advisories/42779/
The current solution to prevent exploitation requires restricting access to the shimgvw.dll file. The effect of restricting access to the shimgvm.dll file is that the image preview utility will no longer function and double-clicking on an image file will no longer cause the image to open the file.
Additional details from Microsoft are available at http://blogs.technet.com/b/msrc/archive/2011/01/04/microsoft-releases-security-advisory-2490606.aspx
Please caution your customers to error on the side of prudence and always follow the guidelines detailed in the Protect Your Computer resource at – http://www.microsoft.com/security/default.aspx
As always, please contact me at firstname.lastname@example.org if you have questions, concerns or need assistance.