
JPEG's No Longer Safe For Viewing?



Jeremy L. Muncy
Staff Writer
2004-09-15



Yesterday, Microsoft released a patch for a flaw in the way their operating systems and other software process the widely used JPEG image format. The flaw potentially allows hackers to create an image file capable of executing malicious code on an unsuspecting user's computer.


Internet Explorer is vulnerable to this flaw, which means that people who use IE could fall victim to an attack just by visiting a Web site that has affected images on it.

"The potential is very high for an attack," said Craig Schmugar, virus research manager for security software company McAfee. "But that said, we haven't seen any proof-of-concept code yet." Such code illustrates how to abuse flaws and generally appears soon after a software maker publishes a patch for one of its products.

This JPEG flaw affects at least a dozen Microsoft software applications and operating systems, which include Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. Microsoft has a full list of the affected products on their website.

Sniffing Worm On The Loose. A new worm has been released that comes equipped with network-sniffing software that allows it to scour for passwords from other computers connected to the infected PC.

The variant of the SDbot worm opens a back door for hackers and then reports back the stolen information using a network sniffer and keystroke logger embedded in the code.

"The complete SDBot family is dangerous, but it's not spreading that fast so our risk rating is low," said Raymund Genes, European president of Trend Micro. "The SDBot is perfect for spying, but anyone with updated antivirus protection should be fine."

Microsoft's Anti-Spam Solution A No Go. The Internet Engineering Task Force (IETF) has rejected Microsoft's technical contribution to the Sender ID proposal.

Microsoft's proposals have already been opposed by the open source community; most are concerned with the licensing terms. The Apache Software Foundation and Debian have said that they would not deploy the scheme.

"There is at least rough consensus that the participants of the working group cannot accurately describe the specific claims of the patent application", said Andrew Newton, co-chair of the IETF working group reviewing Sender ID with other members.

The IETF has said they will continue to evaluate the Sender ID technology.

Microsoft has released a statement stating they still have support from key industry players. "AOL, Cloudmark, IronPort, VeriSign, Bell Canada and the 54-member Email Service Provider Coalition have voiced support for the Sender ID licence offered by Microsoft".

Patch Fixes DoS Flaw For Samba. The most recent version of the Samba software fills a hole that could allow denial of service (DoS) attacks to disrupt networks. Samba allows Windows files and printers to be shared by Unix and Linux systems.

A DoS attack on Samba could have disconnected users from the server, either by overrunning the computer's memory to such an extent that it cannot function or by sending a specially crafted network request that would crash the NetBIOS function.

"We have not had any reports in the wild of these" flaws being used by attackers, said Gerald Carter, a member of the Samba Team.

Hackers Going After Symantec DoS Style. Following the latest MyDoom worm, in which the authors asked for jobs in the anti-virus industry, a new variant is designed to launch a DoS attack against Symantec.

"The latest version of MyDoom, W32/MyDoom-X, attempts to launch a denial-of-service attack against Symantec's Web site on September 29th," said Graham Cluley, senior technology consultant at antivirus firm Sophos.

The upcoming attack against Symantec's Web site would not be the first MyDoom DoS attack. Earlier this year, the SCO Web site was knocked out by a DoS attack.



About the Author:
Jeremy Muncy is the editor of http://www.SecurityProNews.com.
