9 February 2010 		Iran to Enrich Uranium Despite Global Opposition
 ENG   RUS   PT   ITA   
Photo Forum Articles Feedback Advertising
Search the site:
Example: Yushchenko, Putin, Bush

The front page   
 Russia   World   Society   Science   Hotspots and Incidents   Opinion   Business 

Login:
@pravda.ru
Password:
Forgot?
  Register Now!
Photo galleries
Russia Begins to Celebrate Pancake Week
Russia Begins to Celebrate Pancake Week
Porsche 911 Turbo S Gets Ready To Be Unveiled Valentine's Day Premiers in LA











Article

Malicious code in JPEGs to download Trojan
Front page / World
28.09.2004 Source:
Increase font size
   Decrease font size   print version
Pages:

In a harbinger of security threats to come, hackers have exploited a newly announced flaw in Microsoft Corp. programs and begun circulating malicious code hidden in images that use the popular JPEG format.

BREAKING NEWS
Ukrainian Election Ends with Tymoshenko's Defeat
Yulia Tymoshenko In and Out Politics
More...

Software tools to create the malicious &to=http:// english.pravda.ru/society/2001/06/13/7633.html' target=_blank>images began appearing last month, and this week security experts saw images employing them posted on adult-oriented Usenet newsgroups.

To get the malicious code, a visitor must download the image and view it using Microsoft's Windows Explorer software, said Oliver Friedrichs, senior manager with Symantec Security Response, wrote Detroit Free Press.

The computer then contacts a server to obtain code that would let an attacker take over the machine remotely.

Friedrichs said the current exploit is fairly limited but that he expects future attempts to create malicious images that would work on the more popular Outlook and Internet Explorer programs, also made by Microsoft, says Wired News.

The code, which Easynews called a virus, does not have any &to=http:// english.pravda.ru/war/2003/03/22/44869.html ' target=_blank>mechanism to spread, antivirus-software company F-Secure said in its Weblog.

"These JPEGs did not replicate, so this is not a virus," the company said. "Apparently they tried to use these JPEGs to download &to=http:// english.pravda.ru/science/19/94/379/13534_virus.html ' target=_blank>Trojan (horse programs) to vulnerable computers, but the download sites should be down by now."

Both McAfee and Symantec have generic detection in their antivirus software for images that contain malicious code.

The JPEG flaw affects various versions of at least a dozen Microsoft software applications and operating systems, including Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro.

The software giant has a full list of affected applications in the advisory on its &to=http:// english.pravda.ru/world/2002/09/17/36774.html' target=_blank>Web site. Windows XP Service Pack 2, which is still being distributed to many customers' computers, is not vulnerable to the flaw, CNET News informed.

Pravda.ru forum. The place where truth hurts

Yahoo  StumbleUpon  Google  Live  Technorati 

Scoop  del.icio.us  Digg  Sphinn  Furl  Reddit  Facebook 
Pages:
print version








All news About Pravda.Ru Site map Export news News partners STATISTICS
© 1999-2009. «PRAVDA.Ru». When reproducing our materials in whole or in part, hyperlink to PRAVDA.Ru should be made. The opinions and views of the authors do not always coincide with the point of view of PRAVDA.Ru's editors..
Rambler's Top100
Рейтинг@Mail.ru