JPEGS of Death

By Derek Sooman on October 4, 2004, 12:26 PM
"Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company reported getting the first JPG exploit virus."

As we recently reported, the Windows graphics vulnerability, whereby under certain conditions an attacker can compromise any computer running Windows when the user simply looks at a page with a malicious jpeg image, has made its way into the wild in the form of a virus. For the low down on this security danger, have a quick lookie here, where you can read all about the "JPEGS of Death".

To protect yourself from this threat, we recommend that you install Windows XP Service Pack 2, or update MS04-028.




User Comments: 3

Got something to say? Post a comment
Didou said:
[quote][i]Originally posted by Phantasm66 [/i]To protect yourself from this threat, we recommend that you install [url=http://www.microsoft.com/technet/prodtechnol/winxppro/m
intain/winxpsp2.mspx]Windows XP Service Pack 2[/url], or update [url=http://www.microsoft.com/technet/security/bulletin/ms04
028.mspx]MS04-028[/url]. [/quote]So the critical update (MS04-028) is included in SP2 ?
me(who else?) said:
Linux isn't vulnerable, right? (I'm pretty sure it said that, but I thought there might be a vulnerability)
Mictlantecuhtli said:
Nitpicking aside, Linux and Mac are vulnerable too.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.