Slashdot Mirror

← Back to Stories (view on slashdot.org)

Public Exploit For Windows JPEG Bug

Posted by michael on from the here-comes-the-worm dept.

Khoo writes "A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file." We mentioned this earlier.

4 of 509 comments (clear)

  1. Crashes IE on fully patched XP / SP2 machines by Anonymous Coward · · Score: 0, Offtopic

    Have a look before it gets slashdotted: http://sylvana.net/test/AP4.jpg

  2. Ooh, look! They saved the big bug for the election by Fantastic+Lad · · Score: 0, Offtopic
    People have known about this vulnerability for ages. Microsoft created the damned thing, for goodness sake. The people in charge of determining how JPEGs are processed when they return a data overflow ARE NOT THAT INCOMPETENT! This is NOT a bug.

    And it was carefully timed. The more fear and confusion on the web, the less attention will be given to the important issues, namely the election coming up in. . . How Many Days??

    For goodness sake, Gates is part of the Homeland clique; he's spent time in planning meets with Homeland honchos to better determine how Microsoft could 'help out'.

    Not that it actually matters. This is now merely an internal struggle between pawns; Kerry is just as much a dangerous bastard as Bush. . .

    WASHINGTON (AFP) - Democratic presidential candidate John Kerry's campaign blasted the Bush administration for "another national security failure" on Iran's nuclear program and urged that Tehran be threatened with tougher sanctions.

    Campaign spokesman Mark Kitchens told AFP that the White House's "arrogant unilateralism" had made it harder to get the necessary cooperation from European allies and the UN nuclear watchdog to rein in Iran's ambitions.

    He made his comments a day after a State Department spokesman expressed alarm over Iran's admitted program of uranium enrichment and declared that Tehran was making an "unrelenting push toward nuclear weapons capability."

    "Recent developments represent another national security failure for the Bush administration," Kitchens said as the Kerry campaign sharpened its attacks on President George W. Bush six weeks before the November 2 election.

    --That is, (pardon my editorializing), both parties, despite their surface disagreements, are pushing for an escalation against Iran. This is the exact same technique as was used against Iraq. There is almost no difference.

    Run a bunch of bullshit stories about the 'sudden' threat of Iranian nuclear intentions to gain a big, sloppy, predictable and easily directed emotional response from all the American twits and drones.

    Israel complains and whines that the UN should do something, despite the fact that there have been illegal nukes in the arsenals of the Promised Land for decades. Double standards, anyone? (Oh, I'm sorry. I forgot. The Zionists are the Good Guys. They're allowed to commit genocide so long as they own all the news papers and have it called 'anti-terrorism'.)

    The UN is bullied into creating a half-assed directive by which Iran can be observed, tested and punished if they don't meet some arbitrary dead-line.

    It doesn't matter what the heck the actual findings are when the UN inspectors are sent in, the American media and the psychopaths in government will simply tell lies and spin the hell out of everything to get what they want, which is. . .

    Cluster bombs in Iran, dead children, de-stablized government and CIA installed despot. Just like in Iraq. --And needless to say, all Americans between the ages of 19 and 38 carrying machine guns.

    The most ridiculous part is that EVERYBODY WILL FUCKING FALL FOR IT AGAIN. --Because Americans have been the subject of a century long campaign to make them poor, ignorant, fat, drugged, and retarded.

    A nuclear bomb in some American city set off by the Mossad or CIA in yet another false-flag operation around election time would be a good way to spur things along if this JPEG bullshit driving people away from the web doesn't prevent enough communication and public discourse.

    We'll see.


    -FL

  3. Re:goatse by Enigma_Man · · Score: 0, Offtopic

    Best idea EVAR!

    -Jesse

    --
    Nothing says "unprofessional job" like wrinkles in your duct tape.
  4. Re:goatse by idontgno · · Score: 0, Offtopic
    Re:goatse (Score:2) by MustardMan (52102) on Thursday September 23, @11:21AM (#10330108)
    I've come up with the ultimate computer exploit, ever. You make a jpg of goatse, with this exploited code in it. The exploit code runs an application which activates any webcams, if present, and starts taking pictures, which it then sends back to the 31337 h4x0r.

    Think of it, an entire gallery of horrified faces, kinda like in The Ring when people's faces went all nasty after watching the video.
    --
    I'll take anal bum cover for 500, Alex... That's "an album cover!"

    OMG, do you realize how sickeningly appropriate your .sig is just now!?!?

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.