http://msmvps.com/blogs/harrywaldron/archive/2004/09/30/14633.aspxMS04-028: Trojan.Ducky A/B exploits GDI+ vulnerabilities http://www.symantec.com/avcenter/venc/data/trojan.ducky.html http://www.symantec.com/avcenter/venc/data/trojan.ducky.b.html Trojan.Ducky is a downloader Trojan that exploits the Microsoft GDI+ LibraryenCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msmvps.com/blogs/harrywaldron/archive/2004/09/30/14633.aspx#14666Fri, 01 Oct 2004 14:19:00 GMTd67277c4-116b-43f1-b688-e9ef184ea916:14666Harry WaldronSeems to be that the AV industry is already a week late with this. We got mails with Jpeg attachments containg string Ducky as editor already a week ago mailed as &quot;Feedback&quot; to our website. <br> <br>Just we were unsure, what's the malicious code in it and didn't want to try it out.<div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=14666" width="1" height="1">