Update Protection against Microsoft Paint JPEG Decoding Integer Overflow Vulnerability (MS10-005)
| Check Point Reference: | CPAI-2010-021 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS10-005 | |
| Industry Reference(s): | CVE-2010-0028 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Windows 2000 SP4 Windows XP SP2 Windows XP SP3 Windows XP Professional x64 Edition SP2 Windows Server 2003 SP2 Windows Server 2003 x64 Edition SP2 Windows Server 2003 with SP2 (Itanium) | ||
| Vulnerability Description A remote code execution vulnerability exists in the way that Microsoft Paint decodes JPEG images. Microsoft Paint is a simple graphics painting program that has been included with all versions of Microsoft Windows. JPEG is a platform-independent image format that supports a high level of compression. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS10-005 |
|
|
Vulnerability Details The vulnerability is due to an integer overflow error when Microsoft Paint fails to properly decode a malformed JPEG image file. A remote attacker might exploit this issue by convincing a user to open a specially crafted JPEG file. Successful exploitation may allow execution of arbitrary code on an affected system. |
Protection Overview
This protection will detect and block the transferring of malformed JPEG files over HTTP.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.