Reported February 8, 2005 by Microsoft
Vulnerabilities exist because of the way the affected software handles PNG files. A remote intruder could use malicious Web content that contains corrupt or malformed PNG files to execute codeon the affected system. A successful exploit could allow the intruder to take complete control of the system.
Microsoft has released
Security Bulletin MS05-009, "Vulnerability
in PNG Processing Could Allow Remote Code Execution (890261),"
and a patch to correct the problem.
Carlos Sarraute of Core Security Technologies