Please Scroll Down to See Forums Below 
Y_lifter
New member
Virus Writers Focus on JPG Image Bug
A critical weakness found in many Microsoft programs looks like it is about to be exploited by virus writers. The bug only came to light last week, but code is now circulating that could be used to attack vulnerable machines. Some security experts said conditions were right to turn the bug into a widely exploited problem. But others said there was still time to patch machines and ensure that virus writers were prevented from scoring a big success. Microsoft issued a critical security alert last week telling users that there were problems with the way Jpeg images are handled by Windows and many other programs it makes.
The alert said that, theoretically, a malicious attacker could take over a vulnerable machine using a carefully crafted image that contained code to exploit the bug. At the time the alert was issued, example code to exploit the bug had not been seen. However, sample code written for the bug appeared earlier this week, leading some to speculate that a virus written to use it would follow soon.
This could mean that users find their machine under attack when they view images on the web or when their e-mail program previews images contained in messages.
David Perry, from anti-virus firm Trend Micro. said one other reason for suspecting that a virus to exploit the Jpeg bug was imminent was the fact that the annual Virus Bulletin conference runs this week. "There's almost always a virus released during the Virus Bulletin conference because all the virus experts are away from home," he said. (BBC 09/23/04) back to top
A critical weakness found in many Microsoft programs looks like it is about to be exploited by virus writers. The bug only came to light last week, but code is now circulating that could be used to attack vulnerable machines. Some security experts said conditions were right to turn the bug into a widely exploited problem. But others said there was still time to patch machines and ensure that virus writers were prevented from scoring a big success. Microsoft issued a critical security alert last week telling users that there were problems with the way Jpeg images are handled by Windows and many other programs it makes.
The alert said that, theoretically, a malicious attacker could take over a vulnerable machine using a carefully crafted image that contained code to exploit the bug. At the time the alert was issued, example code to exploit the bug had not been seen. However, sample code written for the bug appeared earlier this week, leading some to speculate that a virus written to use it would follow soon.
This could mean that users find their machine under attack when they view images on the web or when their e-mail program previews images contained in messages.
David Perry, from anti-virus firm Trend Micro. said one other reason for suspecting that a virus to exploit the Jpeg bug was imminent was the fact that the annual Virus Bulletin conference runs this week. "There's almost always a virus released during the Virus Bulletin conference because all the virus experts are away from home," he said. (BBC 09/23/04) back to top
