From Microsoft:
So there you have it. You should really install this given the affected software.
Download from here:
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
Bulletin Identifier - Microsoft Security Bulletin MS04-028
Bulletin Title - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
Executive Summary - A remote code execution vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.
Maximum Severity Rating - Critical
Impact of Vulnerability - Remote Code Execution
Affected Software - Windows, Office, Developer, Internet Explorer, and others. For more information, see the Affected Software and Download Locations section for details.
Note This vulnerability might require the installation of several security updates. Review the entire column in the Affected Software and Download Locations summary table for the MS04-028 bulletin identifier to verify the updates that you have to install, based on the programs or components that you have installed on your system.
So there you have it. You should really install this given the affected software.
Download from here:
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx