MS14-085: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
Medium Nessus Plugin ID 79834
SynopsisThe remote Windows host is affected by an information disclosure vulnerability.
DescriptionThe version of the Microsoft Graphics Component installed on the remote host is affected by an information disclosure vulnerability due to the way JPEG content is decoded. A remote attacker can exploit this vulnerability by convincing a user to browse to a website containing specially crafted JPEG content, resulting in the disclosure of information that can aid in further attacks.
SolutionMicrosoft has released a set of patches for Windows Server 2003, Vista, Server 2008, 7, Server 2008 R2, 8, 8.1, Server 2012, and Server 2012 R2.