| By Susan Bradley |
All versions of Windows XP and Vista have been found to be susceptible to infected image files in software and on Web sites, Microsoft announced on Patch Tuesday.
The fix Microsoft released this week for XP and Vista is also needed by the .NET Framework, MS Office versions from XP to 2007, Works 8.5, and Forefront Client Security.
GDI+ glitch is a plus-sized headache
Microsoft released on Patch Tuesday more patches than ever before in a single week. I’ll let you decide whether that’s the good news or the bad news.
This week’s 13 separate security updates address 34 different vulnerabilities. Many of the security flaws affect all versions of Windows XP and Vista — and, in a couple of instances, Windows 7 as well. Topping the list of critical patches is MS09-062 (957488), which plugs a hole in Windows’ GDI+ graphics-rendering engine.
Without the patch, your system could become infected simply by opening an infected image in a software program or on a Web site. Microsoft Knowledge Base article 957488 lists the many products affected by this vulnerability: