Phantasm66
Posts: 4,909 +8
"The first example of a working program designed to exploit a bug in Microsoft's GDI+ library—which allows malicious code to be run simply by viewing a JPEG image—has been found in the wild."
Apparently, EasyNews (provider of Usenet newsgroup services) has uncovered two images which contain the necessary code to exploit the flaw. The code would make it possible for the compromised PC to have programs ran on it remotely by a malicious attacker, as well as giving the creators of the images access to files on infected machines.
To avoid problems with this security flaw, readers are advised to upgrade their XP installations to Service Pack 2, and to visit Windows update for any other relevant patches. Office 2003 should also be upgraded to the latest service pack. (Additionally, you should upgrade your virus definitions to the latest versions, and install firewall software such as Zonealarm.)
Apparently, EasyNews (provider of Usenet newsgroup services) has uncovered two images which contain the necessary code to exploit the flaw. The code would make it possible for the compromised PC to have programs ran on it remotely by a malicious attacker, as well as giving the creators of the images access to files on infected machines.
To avoid problems with this security flaw, readers are advised to upgrade their XP installations to Service Pack 2, and to visit Windows update for any other relevant patches. Office 2003 should also be upgraded to the latest service pack. (Additionally, you should upgrade your virus definitions to the latest versions, and install firewall software such as Zonealarm.)
