TCH-Dick Posted September 23, 2004 Posted September 23, 2004 full story here A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file. The flaw affects various versions of at least a dozen Microsoft software applications and operating systems, including Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. The software giant has a full list of the applications in the advisory on its Web site. Windows XP Service Pack 2, which is still being distributed to many customers' computers, is not vulnerable to the flaw. Quote
Madmanmcp Posted September 23, 2004 Posted September 23, 2004 Thanks Mike. Windows XP Service Pack 2, which is still being distributed to many customers' computers, is not vulnerable to the flaw. A big reason for folks to update to SP2. But as usual they will not and the first couple of virus's produced for this bug will have big impact. Quote
borfast Posted September 23, 2004 Posted September 23, 2004 (edited) Is it?... (try opening the link with IE6 on a fully patched WinXP system) Edited September 23, 2004 by TCH-Raul Quote
LisaJill Posted September 23, 2004 Posted September 23, 2004 I don't have access to one of these IE 6 machines; someone tell me what happens when you load that picture? *hugs her mac* Quote
Nicholas Naime Posted September 23, 2004 Posted September 23, 2004 Give your Mac a hug from mine. Quote
TCH-Dick Posted September 23, 2004 Author Posted September 23, 2004 I don't have access to one of these IE 6 machines; someone tell me what happens when you load that picture? *hugs her mac* it caused an error and shut down the browser Quote
TCH-Andy Posted September 23, 2004 Posted September 23, 2004 I dug out my fully patched version of XP, and IE - yep, it caused an error a treat - back to the standard Firefox Quote
mike Posted September 27, 2004 Posted September 27, 2004 it caused an error and shut down the browser so instead of risking pc problems by installing sp2 would it not be easier and safer just to use firefox and thunderbird???? Quote
tyrael Posted September 29, 2004 Posted September 29, 2004 The first effective JPEG trojan has been posted to USENET. Read about it on slashdot here. A team at easynews.com has picked the trojan apart, and have even created a PERL script to detect the image: >@stat = stat($file); $size = $stat[7]; open HANDLE, $file; sysread(HANDLE, $input, $size); close HANDLE; if ($input !~ /^\xff\xd8/) { print "not a jpeg\n"; exit; } if ($input =~ /\xff\xfe\x00[\x00\x01]/s) { @debug = `djpeg -debug $file 2>&1 > /dev/null`; if (grep (/Comment, length \-*[01]:/i, @debug)) { print "jpeg has trojan\n"; } } The link to that page, which has a LOT of good technical information about the trojan and how it works, is: http://www.easynews.com/virus.html so instead of risking pc problems by installing sp2 would it not be easier and safer just to use firefox and thunderbird???? Unfortunately, a downloaded image, whether it came from a website or was downloaded from Kazaa, could infect your computer by even hovering your mouse over it in Windows' File Explorer (explorer.exe). Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.