This issue's topic: Microsoft Windows' GDI Vulnerability
As many of you may know, Microsoft has released an update regarding a new vulnerability, referred to as the GDI vulnerability. This bug in windows code allows not only Microsoft applications, but some 3rd party apps that handle JPEG images, to be exploited. People who know how can craft a specially designed JPEG that can exploit this bug and possibly take control of your machine. If you view an image using an application that has this vulnerability, then it is possible for the remote program to issue commands on your computer. Several viruses have already begun circulating that take advantage of this. Microsoft has released an update for this vulnerability which you can get by going to Windows Update for the operating system update and Office Update for the Microsoft office update. This update scans your local computer for applications affected by the GDI vulnerability. Often, in the past, PTC Select technicians have advised caution regarding Microsoft updates. This is not the case here. PTC Select advises all users of Windows operating systems to download this update immediately. This update fixes flaws in Microsoft applications only, but be advised that the vulnerability exists for many other 3rd party applications which run in a Windows environment. If you run the Microsoft GDI update, and it finds programs that it cannot fix, these applications must be patched separately. Call your PTC technician for assistance with these issues. If you have issues with this vulnerability, feel free to call us at (309) 685-8400 to schedule a service visit from your support engineer today.