Showcase and discover digital art at yex

Follow Design Stacks

Subscribe to our free newsletter to get all our latest tutorials and articles delivered directly to your inbox!

Macromedia Products Not Affected by Microsoft JPEG/GDIPlus Vulnerability

May 18, 2006 | 0 comments

Macromedia Products Not Affected by Microsoft JPEG/GDIPlus Vulnerability

Summary

On September 14, 2004, Microsoft released a security bulletin warning that there may be wide-ranging effects on software that handles JPEG images. Macromedia has reviewed its products and found none of them to be at risk from this issue.

Details

For more technical details, please visit Microsoft’s security bulletin: http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx.

For users of Macromedia products, the relevant portion of the bulletin states: “not every program that installs this file is vulnerable to this issue because it may not use the Gdiplus.dll file to process JPEG images. However, only the manufacturer of that program can make that determination.”

Although some Macromedia products do install a vulnerable version of gdiplus.dll, no Macromedia product uses this Microsoft graphics library to process JPEG images, therefore there is no security risk.

In some configurations, the following Macromedia products may install a gdiplus.dll file; however, because these products do not invoke the affected JPEG routines, there is no security risk:

  • Contribute
  • Dreamweaver
  • Fireworks
  • Flash
  • FlashPaper
  • FreeHand
  • RoboSource Control
  • Studio MX

Revisions

September 21, 2004 – Bulletin first created.

Reporting Security Issues

Macromedia is committed to addressing security issues and providing customers with the information on how they can protect themselves. If you identify what you believe may be a security issue with a Macromedia product, please send an email to secure@macromedia.com. We will work to appropriately address and communicate the issue.

Receiving Security Bulletins

When Macromedia becomes aware of a security issue that we believe significantly affects our products or customers, we will notify customers when appropriate. Typically this notification will be in the form of a security bulletin explaining the issue and the response. Macromedia customers who would like to receive notification of new security bulletins when they are released can sign up for our security notification service.

For additional information on security issues at Macromedia, please visit: http://www.macromedia.com/security.

Comments

Related Posts

No related posts.