The first images crafted to contain a malicious program that can take control of a PC have been found on the Internet. Security experts have been expecting such images to turn up after Microsoft revealed a weakness in the way Windows handles the popular JPEG format. Soon after this discovery, a program started circulating online that was written to exploit this bug.
The infected images were posted to a porn newsgroup at the start of October and were found by Usenet provider Easynews. Pictures containing the bug have been widely predicted following the discovery of the JPEG bug that afflicts more than a dozen Microsoft
programs. To fall victim to the infected pictures, users must view it using Windows Explorer.
Once in place, the code then tells the machine to contact a server on the Web to download another program that lets it be taken over remotely by an attacker. The partner server that held the remote control code has now been shut down. Microsoft played down the threat from the images. In a statement it said few people were likely to fall victim because of the series of steps they had to go through to get infected.
According to the Internet watchdog, the Internet Storm Centre, the poisoned images only crashed computers in tests, but added that working versions were probably close to being finished. It also said that infected images were starting to circulate on AOL Instant Messenger. Security firm F-Secure said that the few poisoned pictures posted on Usenet were not a virus because they do not replicate. Users who have updated their Windows XP machines with the SP2 update could still be at risk from this bug if they are running unpatched programs, such as Microsoft Office, that are vulnerable.
Microsoft is urging people to update their version of Windows and download patches to close the loophole. Some security firms have also produced tools that let users scan computers to see which machines are vulnerable to the exploit. Anti-virus firms have updated their software to recognise the signature of the virus-bearing images.
13/12/04
Subscribers 0
Fans 0
Followers 0
Followers