News

Exploit Code Circulating for JPEG Flaw

The seriousness of an already critical flaw in the way a Microsoft component processes JPEG files got ratcheted up a notch this week as exploit code began circulating.

Microsoft released security bulletin MS04-028, which included patches for the flaw, on Sept. 14. In the worst case, the flaw could allow a remote attacker to take complete control of a user's computer over the Internet.

This week, several security experts have reported seeing exploit code, which opens a command line on the user's machine. Widely available exploit code is often a precursor to major worms or automated hacking tools, the kinds of things that make theoretical problems into actual crises.

"Over the last 24hrs, several exploits taking advantage of the JPEG GDI vulnerability (MS04-028) have been released. We expect a rapid [development] of additional exploits over the next few days," according to the Thursday handler's diary maintained by the SANS Institute.

The JPEG flaw arises from a Microsoft component responsible for processing JPEG images. It is a critical problem for Windows XP, Windows XP with Service Pack 1, Windows Server 2003, Internet Explorer 6 with Service Pack 1, Outlook 2002, Outlook 2003, the .NET Framework 1.0 with Service Pack 2 and the .NET Framework 1.1. It qualifies as an important security problem for dozens of other Microsoft products.

Microsoft warned that several third-party applications may also use the flawed component. SANS on Thursday also provided a GDI Scanner, which helps administrators find third-party versions of the component on their systems. A link to the tool is available from the SANS site (isc.sans.org/diary.php?date=2004-09-23).

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • How To Use .CSV Files with PowerShell, Part 1

    When it comes to bulk administration, few things are handier than .CSV files. In this two-part series, Brien demos his top techniques for working with .CSV files in PowerShell. First up: How to create a .CSV file.

  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.