The flaw (http://www.k-otik.com/exploits/09222004.ms04-28.sh.php) which affects a long list of Windows applications, including Internet Explorer 6 SP1, can allow an attacker to compromise any computer running Windows when the user simply looks at a page with a malicious jpeg image. This page (http://www.microsoft.com/security/bulletins/200409_jpeg.mspx) at Microsoft shows the complete list of affected applications. The Internet Storm Center (http://isc.sans.org) is monitoring the situation, they also have a scanner that will scan your systems for vulnerable versions of the GDI libraries.

It took surprisingly long..

Hackers Target Microsoft's JPEG Flaw (http://story.news.yahoo.com/news?tmpl=story&ncid=738&e=1&u=/ap/20040928/ap_on_hi_te/windows_security)