MS15-029 addresses two more image-related memory disclosure vulnerabilities in Internet Explorer – this time, affecting the little-known JPEG XR format supported by this browser, plus the far more familiar PNG. Similarly to the previously discussed bugs in MSIE TIFF and JPEG parsing, and to the BMP, ICO, GIF, and JPEG DHT & SOS flaws in Firefox and Chrome, these two were found with afl-fuzz. The earlier posts have more context – today, just enjoy some pretty pics, showing subsequent renderings of the same JPEG XR image:
The total number of bugs squashed in this category is now ten. I have just one more multi-browser image parsing bug outstanding – but it should be an interesting one. Stay tuned.