This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the way that the Kodak Image Viewer, formerly known as Wang Image Viewer, handles specially crafted images files. The vulnerability could allow an attacker to remotely execute code on the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This vulnerability exists only on systems running Windows 2000. However, systems running supported editions of Windows XP and Windows Server 2003 may also be affected if upgraded from Windows 2000. This is a critical security update for Windows 2000 Service Pack 4, Windows XP Service Pack 2, and supported 32-bit editions of Windows Server 2003. For more information, see the subsection, Affected and Non-Affected Software, in this section.
This security update addresses the vulnerability by deprecating file types that are no longer supported as well as by improving the way that the Kodak image viewer handles specially crafted file types. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Disclaimer: This webpage is intended to provide you information about patch announcements for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors' websites. You can get more information by clicking the links to visit the relevant pages on the vendors' websites. Desktop Central is NOT endorsed by the vendors of the software products.