Inside the JPEG Virus
By Jay Munro | Posted 2004-10-02
This threat is now in the wild. Could you be at risk? Plus: Learn to use Windows Safe mode and recover your system. (PC Magazine)

The Watch
The end-of-summer lull for viruses and worms continues. We're still seeing new versions of RBots, and a new Bagle, but nothing with teeth.
The big news appears to be the anticipation of a viral exploit of the JPEG vulnerability that Microsoft patched earlier this month. Within days of the release of the security bulletin, proof-of-concept code was available on the web.
As various security groups analyzed the exploit, they found it was similar to a four-year-old Netscape vulnerability reported by the Openwall project.
Shortly after the initial proof-of-concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company, reported getting the first JPG exploit virus. For more info, see our Top Threat.