The Watch
The end of summer lull for viruses and worms continues. We’re still seeing new versions of RBots, and a new Bagle, but nothing with teeth.
The big news appears to be the anticipation of a viral exploit of the JPEG vulnerability that Microsoft patched earlier this month. Within days of the release of the security bulletin, there was proof of concept code available on the web.
As the exploit was analyzed by various security groups, it was found that it was similar to a four year old Netscape vulnerability reported by Openwall project.
Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company reported getting the first JPG exploit virus. For more info, see our Top Threat.
This week we’ve only seen a couple of Windows security alerts, one for corporate users of Symantec firewall products, and another for home or small business users of Motorola wireless routers. See our Windows Security alerts and updates for more information.