Tuesday, September 28, 2004

i've lost count

Ok, kiddies, it's time for *this* weeks major Internet Explorer security flaw:

In a harbinger of security threats to come, hackers have exploited a newly announced flaw in Microsoft programs and begun circulating malicious code hidden in images that use the popular JPEG format.

Software tools to create the malicious images began appearing last month, and this week security experts saw images employing them posted on adult-oriented Usenet newsgroups.

To get the malicious code, a visitor must download the image and view it using Microsoft's Windows Explorer software, said Oliver Friedrichs, senior manager with Symantec Security Response.

The computer then contacts a server to obtain code that would let an attacker take over the machine remotely.

Are you getting that? Your computer can be remotely compromised by the simple act of viewing a page that has a specially formed jpeg picture. But only if you are using Internet Explorer. Your choice.

1 Comments:

Blogger Samuel John Klein Portlandiensis said...

Amazing.

I remember a point, so very long ago, when the only thing you had to worry about was character-based email, and the mantra was "There is no way to acquire a virus by merely reading your email".

Of course, between Safari and Netscape, (OS X, naturally), I have no virus fears. At least for now.
  Post a Comment
return to front page