Saturday, September 25, 2004

JPEG Exploit on the Loose

The Register has the story. It was only a matter of time, really.

A toolkit designed to exploit a recently-disclosed Microsoft JPEG vulnerability has been released onto the net. The toolkit makes it trivially easy for maliciously-minded attackers, however unskilled they might be, to exploit unpatched Windows systems and run malicious code.

The attack mechanism used here takes advantage of a recently discovered flaw in the way Microsoft applications process JPEG image files. Malformed JPEG files are capable of triggering a buffer overflow in a common Windows component (the GDI+ image viewing library), it was revealed last week. This behaviour creates a ready mechanism to inject exploit code into vulnerable systems. Windows XP and Windows Server 2003 make use of vulnerable library by default. Other Windows OSes might be vulnerable, depending on what applications users have installed.


Post a Comment

<< Home