Intrusion Prevention

BMP.Image.Width.Parsing.Code.Execution

Description

This indicates an attack attempt to exploit an Integer Overflow vulnerability in Microsoft Windows.
This vulnerability is a result of an improper boundary check condition when handling maliciously crafted BMP files. As a result, a remote attacker may be able to execute arbitrary code within the context of the application.

Affected Products

Microsoft Digital Image Suite 2006
Microsoft Forefront Client Security 1.0
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office 2003 Service Pack 3
Microsoft Office System 2007
Microsoft Office System 2007 Service Pack 1
Microsoft PowerPoint Viewer 2003
Microsoft Report Viewer 2005 Redistributable Package Service Pack 1
Microsoft Report Viewer 2008 Redistributable Package
Microsoft SQL Server 2005 Service Pack 2
Microsoft SQL Server 2005 Itanium Edition Service Pack 2
Microsoft SQL Server 2005 x64 Edition Service Pack 2
Microsoft SQL Server Reporting Services 2000 Service Pack 2
Microsoft Visio 2002 Service Pack 2
Microsoft Works 8.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/en-us/security/bulletin/ms08-052