Windows JPEG Exploit seen in the wild!

By Derek Sooman on September 30, 2004, 1:12 PM
"The first example of a working program designed to exploit a bug in Microsoft's GDI+ library—which allows malicious code to be run simply by viewing a JPEG image—has been found in the wild."

Apparently, EasyNews (provider of Usenet newsgroup services) has uncovered two images which contain the necessary code to exploit the flaw. The code would make it possible for the compromised PC to have programs ran on it remotely by a malicious attacker, as well as giving the creators of the images access to files on infected machines.

To avoid problems with this security flaw, readers are advised to upgrade their XP installations to Service Pack 2, and to visit Windows update for any other relevant patches. Office 2003 should also be upgraded to the latest service pack. (Additionally, you should upgrade your virus definitions to the latest versions, and install firewall software such as Zonealarm.)

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.