Slashdot Mirror

← Back to Stories (view on slashdot.org)

Public Exploit For Windows JPEG Bug

Posted by michael on from the here-comes-the-worm dept.

Khoo writes "A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file." We mentioned this earlier.

2 of 509 comments (clear)

  1. Re:Patch is Already Out by Jeffv323 · · Score: 0, Redundant

    The patch for this one is already out. ... and is available :)

    OK mods, now give me a +5 Informative for my hard work!

    --
    I'm a minister!
  2. The problem is within a graphics library by BinaryOpty · · Score: 0, Redundant

    A lot of posts around here are running around acting as if each individual Microsoft program has a problem specific to that program which is entirely false. Just like with the libPNG exploit, this exploits a graphics library: GDI+. It's the library's fault why this affects so many programs: they used the library in all of them.