|
|
A brand new wrinkle on the problem -- a virus that can be transmitted via a jpeg. You are reading this right -- it's now possible to get a virus just by viewing a JPG. Particularly in a MS program like Outlook or IE (one of the nearly infinite reasons why I use other products to do my web work). Rev Bob has some good deatils on what the virus does and how to defeat it.
Posted by Casper at September 29, 2004 12:54 AMThanks for the kind words. Yup, it appears to be true.
It's doubly ironic (I hope you don't mind, but there didn't seem to be a place to put this in my article). Back in 1995 there was a hoax about a JPEG virus, which was widely considered to be impossible. I'm not going back to look at my USENET postings, because I'm sure I said it myself.
Then a little later on, there really was a sort of JPEG virus, the payload was steganographically hidden in a normal looking JPEG, but it relied on a separate executable to do its damage. So nobody I know thinks that counts.
So that was one irony: some people are bound to think because the others were false alarms, this one is too. No such luck. It's real.
The other irony is, the virus took advantage of an improvement in gdiplus.dll. At the very same time they were spending a fortune on a Trustworthy Computing PR campaign, some poor schlub of an engineer at Microsoft managed to create a brand new buffer overflow vulnerability right under their noses.
Posted by: Rev. Bob at September 29, 2004 04:34 PM