Hackers Smell Blood In Common Windows Interface

GDIs handle and transmit graphics to output devices like monitors and printers. Hackers are attempting to bombard the JPEG GDIs to achieve a buffer overrun that could allow for the execution of malicious code.

Microsoft made the vulnerability public last week with the issuance of a Microsoft Security Bulletin MS04-028.

Microsoft rates the severity of the threat as critical and advises users to apply an update immediately. Updates and their related Windows operating-system versions can be found here.

Officials at the Internet Storm Center warned "We expect a rapid development of additional exploits over the next few days."

The Storm Center also cautioned that many non-Microsoft programs are also vulnerable to the JPEG GDI exploits, and has issued a link to a free scanner download to detect vulnerable GDIs. That scanner can be found here.