Slashdot Mirror


Public Exploit For Windows JPEG Bug

Khoo writes "A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file." We mentioned this earlier.

8 of 509 comments (clear)

  1. Spammers by sleepnmojo · · Score: 5, Interesting

    The biggest problem here is when spammers use this in there opt out link. This would probably be much more effective than the scrollbar hack they are using now. It just has to render the damn page, and wham you're infected.

  2. Related links? by caluml · · Score: 4, Interesting

    What's all this stuff in the related links?

    . Bug whitepapers
    . Best deals: Bug
    . More Bug stories
    . Security whitepapers
    . Best deals: Security
    . More Security stories
    . Windows whitepapers
    . Best deals: Windows
    . More Windows stories
    . Microsoft whitepapers
    . Best deals: Microsoft

    When did that start happening?

  3. Are you patched? by UnderAttack · · Score: 4, Interesting

    These early POC exploits are covered in todays
    ISC Diary. Note that now there is a script to generate images to add an Admin level user (username "X").

    Not too long until we see a remote shell.

    Some people are tlaking about seeing it used in an MSN Messenger worm.

    The hard part about patching this one is that a lot of third party software may overwrite the Windows JPEG GDI library with its own older version :-/

    --
    ---- join dshield.org Distributed Intrusion Detec
  4. Hard to patch by Manip · · Score: 5, Interesting

    This bug exists in most Microsoft Software. So for someone to patch they can't simply connect to Windows Update and consider themselves safe, they also have to patch Office, Visual Studio, some Microsoft Games, Server Software (misc, not covered by Update) and more.

    So don't sit there on an SP2 system and consider yourself safe. There is more than likely a whole host of ActiveX controls just waiting to be called and exploited by this bug.

    Also note that some applications written in Visual Basic can also be exploited.

  5. Re:Almost... by SenseiLeNoir · · Score: 5, Interesting

    This is exactly the problem I fear. All it takes is one spammer/cracker to bulk mail a hundred of pictures to random HTML accounts (Hotmail, etc).. and you can see exactly where this is going to lead.

    Also those who use Firefox may not be 100% protected, because consider this scenario.

    1. Install Firefox
    2. Set Firefox as default browser
    3. Use MSN Messenger.
    4. MSN messenger pops up "you have new hotmail"
    5. Click link to see new mail, MSN Messenger opens up in INTERNET EXPLORER despite setting firefox as the default browser.
    6. You are owned.

    I am more concerned that after this, people may even mistakenly critisize Firefox, thinking that Firefox was there default browser, and that they got infected via firefox, instead of IE.

    "I set up this firefox thingie, and set it as a default browser, yet I still have a virus, by just reading my email. Firefox is just as bad as IE"

    A second attack vector could be to change the mimetype of the JPEG, causing Firefox to download, then open it in the system handler for JPEGS.. and a possibility of being owned that way.

    Still this may also be very good grounds for a class action against MS, as they are not honouring a users request NOT to use IE.

    This all goes to prove, MS is a security hole, that can even make secure applications appear insecure

    Ow, my head hurts from thinking of this.. let me get some Paracetamol.

    --
    Have a nice day!
  6. Re:I cannot help but grin ... by YetAnotherName · · Score: 4, Interesting

    of which you know nothing

    As a user of Microsoft products, I witness their lack of stability, their tendency to crash or exhibit bugs, and their uncanny ability of corrupting user data, and so forth. After putting up with them for so long, I know quite a bit about them.

    Moreover, I used to be an employee. I worked at the Redmond campus. I know both the quality exhibited on the outside, and the quality that goes into the products on the inside.

    I do indeed know something.

  7. THIS HAS NOT BEEN FIXED, url inside by Anonymous Coward · · Score: 5, Interesting

    http://sylvana.net/test/AP4.jpg

    will crash IE on an updated xp sp2 system.

  8. He knew it... by insac · · Score: 5, Interesting
    When I was in University there was an old professor who gave us to write relation about JPEG format with code examples...

    When we were leaving his room he gave us this advice: "Beware the JPEG virus". It was 9 years ago and he was quite old and sometimes he acted/talked nonsense so we made fun of his advice (we thought: since it was not an executable file, how could it bring a virus): but he was right and we were wrong..

    --
    This message doesn't need a sig