With all the images out there, this next virus scares me. Enough that you can get the virus via internet files, JPEG virus is not something I am looking forward.Inside the JPEG Virus
By Jay Munro, PC Magazine
October 2, 2004
The Watch
The end of summer lull for viruses and worms continues. We're still seeing new versions of RBots, and a new Bagle, but nothing with teeth.
The big news appears to be the anticipation of a viral exploit of the JPEG vulnerability that Microsoft patched earlier this month. Within days of the release of the security bulletin, there was proof of concept code available on the web.
As the exploit was analyzed by various security groups, it was found that it was similar to a four year old Netscape vulnerability reported by Openwall project.
Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company reported getting the first JPG exploit virus. For more info, see our Top Threat.
This week we've only seen a couple of Windows security alerts, one for corporate users of Symantec firewall products, and another for home or small business users of Motorola wireless routers. See our Windows Security alerts and updates for more information.
Source: http://www.eweek.com/article2/0,1759,1665764,00.asp
Find out more about virus: http://www.sarc.com/avcenter/venc/data/hacktool.jpegshell.html
PS And something left for discussion, did you know that 50% of viruses out there are created by the antivirus software makers.
posted