Security Firm Finds Program to Create JPEGs Exploiting Microsoft Flaw
- By Scott Bekker
Panda Software reported finding a tool on black hat hacker sites that can be used to create files in the JPEG image format that exploit the vulnerability in Microsoft's JPEG processing component.
Microsoft patched the flaw on Sept. 14 in security bulletin MS04-028, but because the flaw affects so many products and the patch must be applied to each of the applications on every system, it is a difficult patch to apply.
Officials with Panda Software said the attacker tool, called JPGTrojan.C, allows a user to create several payloads that can be included in the malicious image file. They include payloads to add a new user to the infected computer and grant that user administrative rights, specify a port to be opened to allow remote access to the computer, specify a remote IP address and a port and establish a connection or download an executable file and run it.
The Microsoft bulletin is available here.
Scott Bekker is editor in chief of Redmond Channel Partner magazine.