SkyRecon's Research & Development team discovered the Windows GDI+ PNG Heap Overflow Vulnerability (CVE-2009-2501).

A remote code execution vulnerability exists in the way that GDI+ allocates memory. The vulnerability could allow remote code execution if a user opens a specially crafted PNG image file. An attacker who successfully exploits this vulnerability could take complete control of an affected system.

Microsoft rated this security update as “Critical” for all supported editions of Windows XP and Windows Server 2003; Windows Vista and Windows Vista Service Pack 1; Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1; Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems, and Windows Server 2008 for Itanium-based Systems; Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, Microsoft Report Viewer 2008 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package Service Pack 1.

Information on Microsoft Security Bullet MS09-062 can be found at: http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx (Accredited to Thomas Garnier of SkyRecon Systems.)

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, visit http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2501

SkyRecon’s StormShield automatically protects systems against this vulnerability.