.
  Lightstalkers
* My Profile My Galleries My Networks

Windows Virus Warning for Malicious 'Jpeg' Files

Apparently Windows (from 98 thru to XP) has a new vulnerability concerning image files...<br/>
An official security update isn't available till Jan 10th. Of course we all handle those<br/>
files back and forth every day, so it's a significant risk for photographers using Windows.<br/>
<br/>
The attacking image can arrive in an email or come from a maliciously <br/>
designed web page. The filename of the image can end in something innocuous <br/>
such as GIF or JPG. This is because Windows, when it displays an image, <br/>
checks the true format of the image rather than its filename. So if the <br/>
disguised &quot;GIF&quot; or &quot;JPG&quot; image is in fact in WMF format, Windows will treat <br/>
it as being in WMF format and will infect itself automatically when it <br/>
tries to display the image.<br/>
<br/>
&quot;a new wave of attacks (exploits) a flaw in the way versions of Windows from 98 through<br/>
to XP handle malicious files in the WMF (Windows Metafile) format. One such attack<br/>
arrives in an e-mail message entitled &quot;happy new year,&quot; bearing a malicious file<br/>
attachment called &quot;HappyNewYear.jpg&quot; that is really a disguised WMF file.<br/>
<br/>
Even though the file is labelled as a JPEG, Windows recognizes the content as a WMF<br/>
and attempts to execute the code it contains.&quot;<br/>
<br/>
A report from TechWorld. <br/>
<a href="javascript:ol('http://www.techworld.com/security/news/index.cfm?NewsID=5070');">http://www.techworld.com/security/news/index.cfm?NewsID=5070</a> - <br/>
<br/>
<a href="http://msnbc.msn.com/id/10684853/">http://msnbc.msn.com/id/10684853/</a><br/>
<br/>
report from the Financial Times. Jan 3rd:<br/>
<br/>
&quot;The potential [security threat] is huge,&quot; said Mikko Hypp&ouml;nen, chief research<br/>
officer at F-Secure, an antivirus company. &quot;It's probably bigger than for any<br/>
other vulnerability we've seen. Any version of Windows is vulnerable right now.&quot;<br/>
<br/>
The flaw, which allows hackers to infect computers using programs maliciously<br/>
inserted into seemingly innocuous image files, was first discovered last week.<br/>
<br/>
But the potential for damaging attacks increased dramatically at the weekend<br/>
after a group of computer hackers published the source code they used to exploit<br/>
it. Unlike most attacks, which require victims to download or execute a suspect<br/>
file, the new vulnerability makes it possible for users to infect their<br/>
computers with spyware or a virus simply by viewing a web page, e-mail or<br/>
instant message that contains a contaminated image.<br/>
<br/>
&quot;We haven't seen anything that bad yet, but multiple individuals and groups are<br/>
exploiting this vulnerability,&quot; Mr Hypp&ouml;nen said. He said that every Windows<br/>
system shipped since 1990 contained the flaw.<br/>
<br/>
Microsoft said in a security bulletin on its website that it was aware that the<br/>
vulnerability was being actively exploited. However an official patch to correct<br/>
the flaw was not expected to be released until January 10. &quot;<br/>
<br/>
<a href="javascript:ol('http://blogs.guardian.co.uk/askjack/2006/01/imortant_windows_wmf_metafile.html');">http://blogs.guardian.co.uk/askjack/2006/01/imortant_windows_wmf_metafile.html</a> <br/>
<br/>
- a report from the Guardian, giving more technical details and <br/>
recommendations for protecting your computer.<br/>

by [a former member] at 2006-01-05 06:23:33 UTC (ed. Mar 12 2008 ) London , United Kingdom | Bookmark | | Report spam→

thank god for Apple
Paul

by Paul Blandford | 05 Jan 2006 06:01 | Addias ababa, Ethiopia | | Report spam→

Get notified when someone replies to this thread:
Feed-icon-10x10 via RSS
Recommended
Icon_email via email
You can unsubscribe later.

More about sponsorship→

Participants

Paul Blandford, photojournalist Paul Blandford
photojournalist
By The Pool, At The Bar In Cyprus , Germany ( FRA )


Keywords

Top↑ | RSS/XML | Privacy Statement | Terms of Use | support@lightstalkers.org / ©2004-2014 November Eleven