From: "Geo." 

It's a Jpg exploit, pretty much any Microsoft software that can display a
jpg image can be exploited to run code.

Like for example IE, word, excel, and about a dozen or more others..

Geo. (it seems like a pretty serious issue from what I know about it so far)

"Adam Flinton"  wrote in message
news:414772ad$1{at}w3.nls.net...
> Why disclose publically when you can charge for it?
>
> http://www.internetnews.com/security/article.php/3406851
>
> "Microsoft (Quote, Chart) is giving premium customers advance notice of
> security bulletins, internetnews.com has learned.
>
> The company plans to release two security bulletins, one with a
> "critical" rating, on Tuesday September 14, in order to plug holes in
> multiple software products, according to an advance notice sent to
> select customers.
>
> The note, obtained by internetnews.com, said Microsoft's September batch
> of patches will plug a serious vulnerability in Microsoft Windows,
> Microsoft Office, Microsoft Home, Microsoft Visual Studio, and Microsoft
> .NET Framework.
>
> A separate patch with an "important" rating will be issued
for Microsoft
> Office customers, the company said in the notice, which was sent only to
> premier customers.
>
> "At this time no additional information on these internal bulletins such
> as details regarding severity or details regarding the vulnerability
> will be made available until 14 September 2004," according to the notice.
>
> While Microsoft said the number of bulletins, products affected, restart
> information and severities are subject to change until released, it
> appears there won't be a patch this month for a "highly
critical" bug in
> Internet Explorer browser's drag-and-drop feature. The bug could put
> millions of Web surfers at risk of malicious hacker attacks. A public
> warning for that vulnerability was issued on August 19.
>
> In a statement released to internetnews.com, Microsoft confirmed the
> pre-release of information to premier and other representative
> customers. "Based on customer feedback, Microsoft started a 'heads-up'
> security bulletin notification program in November 2003 with Premier and
> other representative customers. The program was well-received and
> feedback from participating customers was very positive; consequently,
> the program was expanded in April 2004 to include all customers who will
> sign an appropriate non-disclosure agreement," the company added."
>
>
> Adam

--- BBBS/NT v4.01 Flag-5