GDI Scanner Released
This is a preliminary diary, and will be updated throughout the day, as the situation warrants, due to the possibility of a rapidly emerging exploit, or worm, we are releasing this early.
Over the last 24hrs, several exploits taking advantage of the JPEG GDI vulnerability (MS04-028) have been released. We expect a rapid developemnt of additional exploits over the next few days.
Tom Liston has put together a scanner, which will scan your systems for vulnerable versions of the GDI libraries you can get it at http://isc.sans.org/gdiscan.php
This program should have an MD5 checksum of (91ff45c6158e77eb57fbf6fbe38f05d1)