Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: Windows Flaw Lets Viruses Spread Via JPEGs

Reply
Thread Tools

Re: Windows Flaw Lets Viruses Spread Via JPEGs

 
 
Colonel_Flagg
Guest
Posts: n/a
 
      09-26-2004

I believe I mentioned something to this effect over a year ago.




/CF


In article <1096091095.SNSeiEr+78YAmHymJyn9yQ@teranews>,
http://www.velocityreviews.com/forums/(E-Mail Removed) says...
> REDMOND, Wash. -
> It's one thing to say a particular image bugs you, but it's something else
> again for someone to take it a little too literally: Hackers are believed
> closer to figuring out how to spread computer viruses just by getting you to
> open an e-mail or visit a Website that includes a contaminated .jpeg image.
>
> Several computer security experts are warning that a new security flaw in
> Microsoft Windows XP and Server 2003 is prone to new tools the hacker world
> is developing to take control of people's computers - a flaw in the computer
> code that displays .jpeg image files, through which hackers embed viruses
> into digital photographs the minute you visit an infected Website or open a
> specially-designed e-mail.
>
> Microsoft identified the flaw a week ago and has since issued a patch for
> it, but this isolates a shift in how security experts are urging less
> tech-savvy Netizens to stay safe, according to several reports. "We always
> said there's no way you can be infected [with a computer virus] just by
> looking at a photograph online, but now it looks like we may have to eat our
> words on that," said SANS Internet Storm Center and former White House
> cyberspace security advisor Marcus Sachs to reporters. "This year we've seen
> a lot of changes to the fundamental ways we thought we were secure."
>
> TruSecure Corp. chief scientist Russ Cooper believes it's pretty likely
> you'll see one or another kind of malicious code target the Microsoft flaw
> "very soon. The security hole is just too attractive for the bad guys to
> pass up."
>
> The Washington Post said this kind of malware infection could "give new life
> to a kind of Internet threat that so far has been the stuff of myths and
> hoaxes. For years, Internet chain letters have warned users to be on the
> lookout for viruses or worms that can wreak digital havoc just by getting
> people to open an e-mail message. In reality, most viruses arrive as e-mail
> attachments and do not activate unless the user opens the attachment."
>
> Cooper said most companies don't really see digital images as virus threats
> and usually let them pass undisrupted through corporate firewalls, but the
> Post said security experts' fears stem from a big change in how fast virus
> writers jump on discovered vulnerabilities to take over home and business
> computers alike. Norton AntiVirus makers Symantec earlier this week issued a
> six-month analysis saying it is now less than six days between the
> announcement of a software flaw and the arrival of malware aimed at
> exploiting it.
>
>
>


--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."
 
Reply With Quote
 
 
 
 
Jim Watt
Guest
Posts: n/a
 
      09-26-2004
On Sun, 26 Sep 2004 03:17:53 -0400, Colonel_Flagg
<colonel_flagg@_NOSOUPFORJ00_internetwarzone.org > wrote:

>
>I believe I mentioned something to this effect over a year ago.
>


The curent problem is restricted to the GDI+ module which is part
of the .net framework, so its not present otherwise.

Its not like an inherrent flaw in IE

--
Jim Watt
http://www.gibnet.com
 
Reply With Quote
 
 
 
 
Lady Chatterly
Guest
Posts: n/a
 
      09-26-2004
In article <(E-Mail Removed)>,
Jim Watt <(E-Mail Removed)_way> wrote:
>
>On Sun, 26 Sep 2004 03:17:53 -0400, Colonel_Flagg
><colonel_flagg@_NOSOUPFORJ00_internetwarzone.or g> wrote:
>
>>
>>I believe I mentioned something to this effect over a year ago.
>>

>
>The curent problem is restricted to the GDI module which is part
>of the .net framework, so its not present otherwise.


I understand.

--
Lady Chatterly

"Hey Meat-->Retard, meet your replacement, Lady C! All the pointless
stupidity in a followup I could ever want and more! And it's
automated! With "Brand X" programming! Oh, oh you're obsolete now,
mother ****er. -- Onideus Mad Hatter
 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      09-26-2004
In article <(E-Mail Removed)>,
colonel_flagg@_NOSOUPFORJ00_internetwarzone.org says...
>
> I believe I mentioned something to this effect over a year ago.


And if you do automatic updates nightly at any time, you're already
protected.

--
--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
FrozenNorth
Guest
Posts: n/a
 
      09-26-2004
On this fine day Leythos tossed the following into the public domain:

> In article <(E-Mail Removed)>,
> colonel_flagg@_NOSOUPFORJ00_internetwarzone.org says...
>>
>> I believe I mentioned something to this effect over a year ago.

>
> And if you do automatic updates nightly at any time, you're already
> protected.
>

Obviously you haven't seen the GDI+ detection tool on windows update, it
will not fix all problems without user help.
--
Froz ...
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
The latest conservative obsession - dutifully spread via Sarah Palin's Facebook page "Death panels" for military veterans. NotMe Computer Support 0 08-24-2009 08:51 PM
The latest conservative obsession - dutifully spread via Sarah Palin's Facebook page "Death panels" for military veterans. NotMe Computer Support 0 08-24-2009 08:47 PM
WINDOWS Wi-Fi Flaw Lets Others See Your Stuff Au79 Computer Support 8 01-24-2006 06:11 PM
Outlook TNEF flaw could be much worse than WMF flaw Au79 Computer Support 0 01-13-2006 10:48 PM
'Dumb' users spread viruses Ionizer Computer Support 8 02-08-2004 02:18 AM



Advertisments