Does Microsoft Security Bulletin MS04-028: "Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)" affect IBM Lotus software Customers?
Customers who use Microsoft Internet Explorer to access IBM Lotus software products, such as Domino Web Access, Team Workplace (QuickPlace), or Domino Web applications or use it as a browser option within the Lotus Notes client should follow Microsoft's upgrade recommendations for Internet Explorer.
IBM Lotus software does not ship the vulnerable file, gdiplus.dll, with any software product. Therefore, Lotus software products are not directly affected by the vulnerability.
Email messages containing JPEG in-line images are not affected. Email messages containing JPEG images as attachments viewed with the Notes viewer are also not affected. However, email messages containing JPEG images as attachments that are opened in Internet Explorer or viewed with the default Windows JPEG viewer (by right-clicking the attachment and selecting Open) may be vulnerable. Customers should follow Microsoft's recommendations for Internet Explorer and the default Windows JPEG viewer.
|Messaging Applications||Lotus End of Support Products||Lotus QuickPlace|
|Messaging Applications||Lotus End of Support Products||Lotus Domino Web Access|
|Messaging Applications||Lotus End of Support Products||Lotus Notes|