View Full Version : Watch those JPEGs


r2d2d3d4d5
09-15-04, 06:20 PM
Thanks to MS it seems that all a hacker needs to do to do bad things to your computer is get you to open a JPEG. Luckily for us MS seem to be on top of this one and have released appropriate patches for its vast array of programs that are affected by this little bug. Or you could just use WinXP SP2. Which, provided you are using XP, you should probably be using already, I guess.

Inq. Story (http://www.theinquirer.net/?article=18446)
MS Link 1: September 2004 Security Update for JPEG Processing (GDI+) (https://www.microsoft.com/security/bulletins/200409_jpeg.mspx)
MS Link 2: WordPerfect Converter Security Update for September 2004 (https://www.microsoft.com/security/bulletins/200409_wordperfectconverter.mspx)

vampireuk
09-17-04, 04:56 AM
This has been around for a long time now, MS have finally done something about it. Firefox all the way :D

BioHazZarD
09-17-04, 11:51 AM
ouch...

DaveW
09-17-04, 05:42 PM
This has been around for a long time now, MS have finally done something about it. Firefox all the way :D

Yeah, malformed JPG files are nothing new.

r2d2d3d4d5
09-30-04, 09:19 AM
Saw this (http://news.bbc.co.uk/1/hi/technology/3701640.stm) today.

The first images crafted to contain a malicious program that can take control of a PC have been found on the net.

The poisoned images were posted to a porn newsgroup at the weekend and were found by Usenet provider Easynews.

To fall victim to the poisoned pictures, users must view it using Windows Explorer.

Once in place, the code then tells an infected machine to contact a server on the web to download another program that lets it be taken over remotely by an attacker.

Oliver Friedrichs, senior manager with Symantec Security Response, said that he expected future versions of the bug to strike when images are viewed with the Internet Explorer browser and Outlook.

Users who have updated their Windows XP machines with the SP2 update could still be at risk from this bug if they are running unpatched programs, such as Microsoft Office, that are vulnerable.

Not sure about the status of pre-XP OSs but this looks like it might affect a lot of people. There's a lot of people out there without SP2 and who have never updated MS Office. If someone manages to exploit this bug on IE I wouldn't be surprised if infected JPEGs eventually get posted on internet forums.

Together with the zip exploit I kind of wish MS would not try and do everything (picture viewer/zip manager/etc).

JRepin
10-03-04, 07:26 AM
Yup Firefox or Opera is the way to go.

retsam
10-04-04, 04:38 AM
I saw this demoed over two years ago by a few guys at an antiviral company... hehehe, but it's not just IE that's vulnerable, it's anything that uses the GDI+ DLLs (Photoshop and any other JPG program). The testing tools that Microsoft gives out to check your system only scan the DLLs used for Microsoft products. Here is a DLL scanner that will scan your whole system.


here (http://isc.sans.org/gdiscan.php)
I wish for once Microsoft would come up with a security tool that was more universal than what they give out.
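
A whole-system check of the kind described in the post above, as an added example (not from the thread and not the SANS tool's code): it finds every copy of gdiplus.dll under a directory, including ones bundled with third-party programs, and reads each file's version. The names `find_gdiplus` and `write_sample` and all sample versions are constructed; the real fixed version has to come from the Microsoft bulletin, and using one threshold for every copy is a simplifying assumption.

```python
import os
import struct
import tempfile

VS_FFI_SIGNATURE = struct.pack("<I", 0xFEEF04BD)  # start of VS_FIXEDFILEINFO

def file_version(path):
    """Return (major, minor, build, revision) from the version resource, or None."""
    with open(path, "rb") as fh:
        data = fh.read()
    pos = data.find(VS_FFI_SIGNATURE)  # heuristic: first signature match
    if pos < 0 or pos + 16 > len(data):
        return None
    # Fields: dwSignature, dwStrucVersion, dwFileVersionMS, dwFileVersionLS
    _, _, ms, ls = struct.unpack_from("<IIII", data, pos)
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)

def find_gdiplus(root, fixed_version):
    """Report every gdiplus.dll under root as (relative path, version, status)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != "gdiplus.dll":
                continue
            path = os.path.join(dirpath, name)
            try:
                version = file_version(path)
            except OSError:
                version = None  # unreadable copy: leave for manual review
            if version is None:
                status = "unknown"
            else:
                status = "ok" if version >= fixed_version else "needs-update"
            findings.append((os.path.relpath(path, root), version, status))
    return sorted(findings)

def write_sample(path, version=None):
    """Constructed test file: 'MZ' stub plus an optional VS_FIXEDFILEINFO header."""
    os.makedirs(os.path.dirname(path), exist_ok=True)
    body = b"MZ" + b"\x00" * 62
    if version:
        a, b, c, d = version
        body += VS_FFI_SIGNATURE + struct.pack("<III", 0x10000, a << 16 | b, c << 16 | d)
    with open(path, "wb") as fh:
        fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed tree, not a real system
        write_sample(os.path.join(root, "system32", "gdiplus.dll"), (2, 0, 0, 0))
        write_sample(os.path.join(root, "apps", "viewer", "GdiPlus.dll"), (1, 0, 0, 0))
        for row in find_gdiplus(root, fixed_version=(2, 0, 0, 0)):
            print(row)
```

Copies reported as "unknown" carry no readable version resource and need to be checked by hand.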