Windows JPEG Exploit Ventures Into The Wild

KingFishKingFish
edited September 2004 in Science & Tech
The first example of a working program designed to exploit a bug in Microsoft's GDI+ library—which allows malicious code to be run simply by viewing a JPEG image—has been found in the wild.
EasyNews, a provider of Usenet newsgroup services, claimed it had already found two images containing code designed to take advantage of the flaw—by downloading remote control software to infected machines. In theory, this would give the creators of the images access to both files on infected machines, as well as giving them the ability to run remote programs on them. According to a posting on EasyNews' Web site, the company "wrote a quick and nasty script to scan every JPEG that comes onto EasyNews.com. It paged my cell phone at 6:47 p.m. PDT on Sept. 26 for the first hit, and 7:52 p.m. PDT for the second hit." "Once this JPEG overflowed GDI+, it phoned home, connected to an FTP site and downloaded almost 2MB of stuff. It installs a Trojan that installs itself as a service."
Yay, more virii. -KF

Source: eWeek

Comments

  • TheSmJTheSmJ
    edited September 2004
    Just get SP2 and update MS Office. It's not all that hard to get around.
Sign In or Register to comment.