Last week Windows Update published a tool that checked for MS products that have the flaw. See http://www.microsoft.com/security/bulletins/200409_jpeg_tool.mspx
But the MS tool says nothing about 3rd party products. Does this major flaw affect Offline Exlorer pro ? I`d really be grateful for your reassurance. (And as a jpeg viewing tool, you should explain the position on your website: FAQ?).
Yes, Offline Explorer could be affected by this flaw, because its Internal Browser is in fact an embedded window of MS Internet Explorer. If MS IE is not patched, viewing JPEG files may be a problem (however there are still no JPEG viruses found).
Anyway, it is recommended to apply the JPEG issue patch from Microsoft, which will cure the problem. There are no other issues related to Offline Explorer and JPEG files. The code that is being used by Offline Explorer to parse JPEG files and get their dimensions (in pixels) is absolutely safe and it cannot be a source of any security flaw. It doesn`t read the whole JPEG file, but only its header, which doesn`t contain any virus part.
So as I understand it, if I`ve patched IE (e.g. by running XP SP2) then OE is also made safe and there`s no need for any additional patch.
Thanks for the reassurance!