Oct. 17 - Oct. 22, 2004
Microsoft hole causes security concerns
 Affected JPEGS could allow PCs to be hijacked through various programs such as Word
 By Alessandro Cancian

Originally Published: 2004-10-10
A couple of weeks were enough for virus writers to exploit the latest, dangerous vulnerability in Windows XP. The hole, considered among the most severe of the last few years, can be used to gain control of somebody else's computer.
This dangerous exploit has surfaced after Microsoft, two weeks ago, disclosed a hole in a key component of its OS. This vulnerability was immediately classified as critical, because a specially designed image file could allow an aggressor to hijack a victim's PC. This spread alarm among security experts and antivirus producers, who recommend updating one's software and acting with caution. At present, experts say that the infected JPEGs cannot be called viruses or worms, because they lack the ability to reproduce on their own, but this could change some time in the near future.
The situation appears under control, but fear is just around the corner. When the infected image file is opened, its malicious code gets executed; it connects to the Internet, downloads about 2 MB of data, and installs a programme that enables one's PC to be remotely controlled. The malignant JPEG file needs only be visualized in one of the many vulnerable programmes, including Internet Explorer, MS Word, and MS Excel. Millions of surfers are at risk.
Vulnerable applications include Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It, and Digital Image Pro. For each of them Microsoft released an ad hoc patch. Security experts underscore that, although older versions of Windows (98 and 2000) are not at risk, some applications installed under these OSs might well be.
The most exposed users are those who surf with Internet Explorer; they could be victimized simply by visiting a website or opening an HTML email containing a 'bad' JPEG file. Internet Explorer, in fact, processes JPEGs before it caches them. That could also mean that desktops may become infected before antivirus software has a chance to work.

Page 1/...Page 2

Printable Version </ td> Email to a Friend
Voice Your Opinion Letter to the Editor


Home / Back to Top
>> Who We Are
>> Horoscope
>> Job opportunities
>> Advertising
>> Links
>> Search
   

Tandem Home | Contact Us | Privacy Policy
© Copyright 2003 Multimedia Nova Corporation (formerly known as Multimedia WTM Corporation) All Rights Reserved.