Reported February 8, 2005 by Microsoft
Vulnerabilities exist because of the way the affected software handles PNG files. A remote intruder could use malicious Web content that contains corrupt or malformed PNG files to execute codeon the affected system. A successful exploit could allow the intruder to take complete control of the system.
Microsoft has released Security Bulletin MS05-009, "Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)," and a patch to correct the problem.
Carlos Sarraute of Core Security Technologies