Inside the JPEG Virus

By Jay Munro  |  Posted 2004-10-02 Email Print this article Print
 
 
 
 
 
 
 

This threat is now in the wild. Could you be at risk? Plus: Learn to use Windows Safe mode and recover your system. (PC Magazine)

The Watch

The end of summer lull for viruses and worms continues. We're still seeing new versions of RBots, and a new Bagle, but nothing with teeth.

The big news appears to be the anticipation of a viral exploit of the JPEG vulnerability that Microsoft patched earlier this month. Within days of the release of the security bulletin, there was proof of concept code available on the web.

As the exploit was analyzed by various security groups, it was found that it was similar to a four year old Netscape vulnerability reported by Openwall project.

Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company reported getting the first JPG exploit virus. For more info, see our Top Threat.


 
 
 
 
 
 
 
 
 
Manage your Newsletters: Login   Register My Newsletters