Malicious Jpeg Code
Chaos_Llama
Join Date: 2004-04-23 Member: 28124Members
Join Date: 2004-04-23 Member: 28124Members
<div class="IPBDescription">:O</div> <!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Exploit Code Appears for MS Graphics Flaw
By Michael Myser
September 23, 2004
Just a week after Microsoft released a patch to plug a security flaw in the way at least 13 of its programs handle the JPEG imaging format, code appeared on the Internet on Wednesday showing how to exploit those holes. Though this exploit code alone is not a threat, it will likely be a jumping-off point for the next round of PC attacks.
The proof-of-concept code demonstrates the ability to execute commands through the JPEG exploit and, if altered, could allow infected PCs to be controlled by attackers.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
This is some seriously scary stuff. Not only is Windows affected, but many applications are too.
More info about this flaw at: <a href='http://www.eweek.com/article2/0,1759,1650710,00.asp?kc=EWRSS03129TX1K0000610' target='_blank'>http://www.eweek.com/article2/0,1759,16507...3129TX1K0000610</a>
Download the fixes at: <a href='http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx' target='_blank'>http://www.microsoft.com/technet/security/...n/ms04-028.mspx</a>
By Michael Myser
September 23, 2004
Just a week after Microsoft released a patch to plug a security flaw in the way at least 13 of its programs handle the JPEG imaging format, code appeared on the Internet on Wednesday showing how to exploit those holes. Though this exploit code alone is not a threat, it will likely be a jumping-off point for the next round of PC attacks.
The proof-of-concept code demonstrates the ability to execute commands through the JPEG exploit and, if altered, could allow infected PCs to be controlled by attackers.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
This is some seriously scary stuff. Not only is Windows affected, but many applications are too.
More info about this flaw at: <a href='http://www.eweek.com/article2/0,1759,1650710,00.asp?kc=EWRSS03129TX1K0000610' target='_blank'>http://www.eweek.com/article2/0,1759,16507...3129TX1K0000610</a>
Download the fixes at: <a href='http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx' target='_blank'>http://www.microsoft.com/technet/security/...n/ms04-028.mspx</a>
Comments
That's sad. Not even .jpgs are safe to download anymore.
Here's a tool that works: <a href='http://isc.sans.org/gdiscan.php' target='_blank'>GDIScan</a>
<a href='http://it.slashdot.org/article.pl?sid=04/09/27/1649256&tid=172&tid=128&tid=109&tid=1' target='_blank'>Here's</a> the slashdot article on it.
All the DLLs are Microsoft's, they're just installed as duplicates with other apps. Such as MS Office. The Office DLLs are still vulnerable on my system at least.