If I read this right, a *.BMP can be used in an e-mail (or website) to run attack code. But MS has not yet released a patch.
Also, it's not hitting English versions of Windows yet.
Just calling attention to it so that it can be investigated for a "invalid BMP" test like the recently added "SCR" and "Com" tests.
http://msmvps.com/trafton/archive/05182004.aspx http://www.kaspersky.com/news.html?id=148515536 http://xforce.iss.net/xforce/xfdb/15210
It looks like that the major AV vendors have added this to their DAT files, but an extra layer of protection would be helpful.
http://vil.nai.com/vil/content/v_125302.htm
http://vil.nai.com/vil/content/v_125303.htm
http://vil.nai.com/vil/content/v_100992.htm
--
Greg Little
--- [This E-mail scanned for viruses by Findlay Internet]
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
