This new JPEG vulnerability in Windows has me scared. I'm generally pretty virus-immune: I don't read email on Windows, I've got Norton AntiVirus on my Windows box, and I don't generally run unknown programs. But I do look at a lot of JPEGs. And now there's at least one JPEG virus in the wild.
Windows Update is one of the great unheralded Microsoft technologies. It really works. Well, mostly. I downloaded the various JPEG fixes from them and thought I was safe until I ran GDI Scan, a deep scan tool that tries to find vulnerable versions of the DLL. And it found a vulnerable version, C:\WINDOWS\system32\gdiplus.dll.
Now what do I do? I don't know where to get an update. Do I have to install Service Pack 2? Does that even fix the problem? I'm a software professional and I'm confused. What does the other 99% of the world do?