Microsoft JPEG exploit might result into a worm

Sushubh

Administrator
[OP]
Oct 29, 2004
413,661
12,751
Gurugram
This flaw has been in news for sometime and Microsoft has already released the required patches and updates. But the vast number of machines running Windows platform and the other affected applications means that securing of all the machines would require no less than a miracle. The flaw resides in the way Microsoft software processes JPEG files and empowers the image file to run malicious program over user’s machine. The user just has to load the image in the infected programs to trigger the code!

Unfortunately, there is already a tool (codenamed JPEG of Death creation kit) released by a group of hackers, which can be upgraded to generate instances of these exploiting images. Some of the softwares that are affected by this bug are Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. Fortunately, Windows XP SP2 contained the patch for the operating system. However, users still have to get the patches for the other applications installed on their system. The patch is available on the Microsoft Website here.

Microsoft JPEG exploit might result into a worm soon