"Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company reported getting the first JPG exploit virus.
As we recently reported
, the Windows graphics vulnerability, whereby under certain conditions an attacker can compromise any computer running Windows when the user simply looks at a page with a malicious jpeg image, has made its way into the wild
in the form of a virus. For the low down on this security danger, have a quick lookie here
, where you can read all about the "JPEGS of Death".
To protect yourself from this threat, we recommend that you install Windows XP Service Pack 2
, or update MS04-028