[unisog] MS04-028 and blocking JPGs

Heinrich, Matt Matt.Heinrich at Rockhurst.edu
Tue Nov 16 16:43:44 GMT 2004

Hello all.  I'm generally just a lurker, but I'm looking for some additional advice regarding JPGs and the GDI vulnerability.  I remain unconvinced that McAfee (our AV software) will uncover all of the malformed JPGs so we continue to block all JPG attachments.  This continues to be met with the expected reaction from our user community.  I do not have the resources to make it to every machine and patch for every occurrence of a bad .DLL nor do I have a strong belief that MS patches would get applied correctly anyway.  I ran the Office updates on my box and still had problems getting all of the DLLs, let alone the non MS software that uses GDI.

I also however, think it is poor service for us to continue to block JPGs as they are widely used - or at least were.

How are the rest of you handling this problem?  Are you confident AV software can catch it at the border?  Are you using some other combination of resources to capture and remove the offenders?

Any advice or help appreciated,

Matt Heinrich
Director of Computer Services
Rockhurst University

More information about the unisog mailing list