Friday, October 01, 2004

Yet another security hole in Windows

Two weeks ago, TheRegister reported that Microsoft had issued a warning about the latest security hole in Windows: "The security hole is a buffer overflow that potentially allows an attacker to craft a special JPEG file that would take control of a victim's machine when the user views it through Internet Explorer, Outlook, Word, and other programs. The poisoned picture could be displayed on a website, sent in email, or circulated on a P2P network." (You can find the original warning note from Microsoft here. The BBC report linked below, lists the operating systems and programmes that are vulnerable to this defect; suffice it to say that every Microsoft product you have heard of is affected.)

The BBC now reports that the first images created to exploit this vulnerability have shown up on the Internet. The treated images were posted to a porn newsgroup last weekend and were discovered by Easynews.

Is it necesssary to mention that this problem does not affect Macs? (Or for that matter Linux, Solaris, BSD Unix, ...)

0 Comments:

Post a Comment

<< Home