Thursday, September 23, 2004

Code to exploit Windows graphics flaw now public !

Code to exploit Windows graphics flaw public !
but not b'fore a patch :)

A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format. ( jpeg )

Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way JPEG graphics is processed, could allow a program to take control of a victim's computer when the user opens a JPEG file.

windows users could fall prey to an attack just by visiting a Web site that has JPEG images.

" incidentally the exploit became public after the patch was released! users on SP2 rest easy ur systems are by now updated :) "

No comments: