Operating System » MS Windows » MS Security » Alert: MS Security Bulletins » Sep 2004 Microsoft Security Bulletin: » Jpeg exploit virus appears

Jpeg exploit virus appears

A virus designed to exploit a recent disclosed hole in Internet Explorer is already doing the rounds on the Internet. Security experts have warned it could allow remote attackers to take full control of vulnerable Windows machines.

The exploit takes advantage of a flaw in the way Microsoft applications process jpeg image files, a common format for displaying images on the Web. Microsoft designated the flaw a "critical" problem and released a software patch for it, MS04-028. A Windows user would have to open a jpeg file that had been modified to trigger the flaw using a wide range of applications, such as the Explorer browser or Outlook.

The exploits create a jpeg file formatted to trigger an overflow in a common Windows component called Gdiplus.dll.  The first exploit opens a command shell on a vulnerable Windows system when the rigged file is opened using Windows Explorer, an application for browsing file directories on Windows systems.  The second exploit further modifies the attack code to add a new administrator-level account, named simply "X," to affected Windows systems when a jpeg file is opened through Explorer. The account could then be used by the attacker to log-in to the machine using standard Windows networking features

Updated On: 15.02.17

Leave your message, comment or feedback:
Your Name (shown) & Your E-mail (hidden) is used only to alert you when someone reply your message.