Slashdot Mirror

← Back to Stories (view on slashdot.org)

Image Handling Flaw Puts Windows At Risk

Posted by Zonk on from the don't-click-there dept.

An anonymous reader writes "Microsoft has released word that several image handling flaws may open Windows PCs to Spyware or viruses. From the article: 'We will continue to see this type of vulnerabilities in every major application for the foreseeable future ... It is not just images, but any type of complex file format. This is something that security researchers and hackers have realized to be a weak point in many applications.'"

21 of 287 comments (clear)

  1. Huh? by Anonymous Coward · · Score: 5, Funny

    Windows wasn't open to spyware and viruses before?

  2. DUPE by 42Penguins · · Score: 4, Funny

    This vulnerability is a dupe!
    Windows has already had an image handling flaw!
    Oh, it's Windows. False alarm.

  3. Managed code by HeaththeGreat · · Score: 2, Funny

    This is why we need more managed code.

  4. Practice safe image viewing folks! by nizo · · Score: 5, Funny

    Or your computer could get an STD (Screenally Transmitted Disease) from viewing pornographic images.

    --
    I Am My Own Worst Enemy
    1. Re:Practice safe image viewing folks! by Crimsane · · Score: 2, Funny

      Phew, i'm safe.

      My computer has already been crippled from a number of trojans...

    2. Re:Practice safe image viewing folks! by oberondarksoul · · Score: 4, Funny

      I get enough funny looks from my housemates already. I am not putting a condom over my monitor.

      --
      And tomorrow the stock exchange will be the human race
  5. Ack! by rubberbando · · Score: 5, Funny

    So now not only will looking at the goatse picture make you vommit, it will take over your Windoze PC!

    Will the horrors ever stop?!!

    --
    DEAD DEAD DEAD DELETE ME
  6. So, Windoze merely has an image problem? by Anonymous Coward · · Score: 2, Funny

    It's not really a fundamental flaw?

  7. no no no... by soapdog · · Score: 1, Funny

    There's no such thing as vulnerabilities, all there's is Inteligent Bug. The exploits are there just to test your faith...

    --
    -- Por mais que eu ande no vale das trevas e da morte, meu PowerMac G4 Não Travará!!!
  8. Re:Critical Bug? by geomon · · Score: 1, Funny

    No, it also becomes a problem when/if the patch breaks something else, like it did with one of last months security fixes.

    Windows programs NEVER break applica.,M0$2;mfwe-23487.we

    --
    "Rocky Rococo, at your cervix!"
  9. To Finish Microsoft's Quote..... by Khyber · · Score: 1, Funny

    I love how Microsoft puts this... "We will continue to see this type of vulnerabilities in every major application for the foreseeable future..."

    Lemme finish off that ... for them. "... until we learn that integrating IE directly into the OS was the biggest fuckup we ever made."

    Seriously, why integrate something so seriously flawed into the OS? The only thing it'll do is make the system less stable and less secure.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  10. Re:Critical Bug? by Anonymous Coward · · Score: 1, Funny

    So usenet is dead?

  11. Re:Critical Bug? by geomon · · Score: 2, Funny

    So usenet is dead?

    Netcraft confirms it!

    --
    "Rocky Rococo, at your cervix!"
  12. Re:Critical Bug? by conJunk · · Score: 4, Funny
    What is the likelihood that users won't patch their machines?

    Well, it went up on the slashdot mainpage, so that likelihood for a great number of users is a lot lower than it would have been.

    The 35 users I'm responsible for just got an email instructing them on how to to do the patch, with links to the patch execs that now live on our local file server.

    This model -- (1) Microsoft announces it; (2) I hear about it on /. or security focus (usually both); (3) my users hear about it from me -- works well.

    Sure, that's a drop in the bucket for windows PCs, but the point is that the communication chanels are open, and as long as people have the oportunity to hear about these things, we can reasonably expect them to be responsible for implementing them

    Of course, that's not an excuse for making vulnerable software in the first place...

  13. Re:Critical Bug? by ozmanjusri · · Score: 4, Funny

    So usenet is dead?

    alt.binaries.necrophilia has been very quiet lately.

    --
    "I've got more toys than Teruhisa Kitahara."
  14. The real threat by griffinn · · Score: 3, Funny

    "Microsoft has released Word"

    That is the real threat, my friend.

  15. I've got the solution! by SeaFox · · Score: 3, Funny

    Only use plain text email and turn off all image loading in Internet Explorer!

    Not only will this stop the spread of viruses, it will drive hundreds of thousands of noobs off the internet. Usenet will be stored to it's former glory and AOL will go out of business. Marketshare of Linux and MacOSX will skyrocket and peace and balance will be restored to the Force!

  16. Re:An interesting question by cbiltcliffe · · Score: 5, Funny

    I was going to point out that "unnessacerally" was spelled incorrectly. I was then going to suggest that you could use Google as a spell checker, by typing your spelling into it, and seeing what it suggested with its "Do you mean...." thing.

    Then I went and typed that spelling into Google, and found out that enough people have spelled it incorrectly on the web that Google doesn't know how to correct it, and suggests another incorrect spelling.

    Correct spelling is "unnecessary".

    Now, mod me down as a pedantic twit.

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  17. Re:Critical Bug? by drsmithy · · Score: 2, Funny
    I don't trust Microsoft [...]

    Then why would you try to install the patch in the first place ? Heck, why would you even be running Windows ?

  18. Re:I like this line of Grade-A bullshit.... by Anonymous Coward · · Score: 1, Funny

    IOW--The real problem is LAZY PROGRAMMERS

    Most programmers are fat. Most fat people are lazy (how do you think they got fat in the first place?).

    Solution: HIRE SKINNY PROGRAMMERS

    you think I'm joking but I'm fucking serious! discrimination sucks? LOSE WEIGHT!

  19. Re:what is wrong with that code by UncleFluffy · · Score: 4, Funny

    The code was different when I posted it. As usual, Slashdot eats my punctuation

    Yeah, yeah, "the dog ate my homework". Heard it before ... ;-)

    --

    What would Lemmy do?