Microsoft Warns of Critical JPEG Flaw

Discussion in 'Current Events' started by 5300cs, Sep 14, 2004.

  1. 5300cs macrumors 68000

    5300cs

    Joined:
    Nov 24, 2002
    Location:
    japan
    #1
    The article:

    Handling of images could allow an attacker to take over your PC.


    Joris Evers, IDG News Service

    Tuesday, September 14, 2004


    A security flaw in the way many Microsoft applications process JPEG images could allow an attacker to gain control over a computer running the software, Microsoft warned this week.


    Any program that processes JPEG images could be vulnerable, Microsoft says in Security Bulletin MS04-028. To take advantage of the flaw, an attacker would have to persuade a user to open a specially crafted image file. The image could be hosted on a Web site, included in an e-mail or Office document, or hosted on a local network, Microsoft says.


    A wide range of Microsoft software, including various versions of its Windows and Office products, is vulnerable. Additionally, applications created with Microsoft's Visual Studio developer tool or the .Net Framework and third-party applications that distribute their own copy of the vulnerable JPEG parsing engine may also be vulnerable, Microsoft says.


    Software updates to correct the flaw in its products are available from Microsoft. The software maker also offers a tool to scan a PC for certain installed products that are known to contain the vulnerable JPEG image processing engine.


    Microsoft rates the flaw "important" for many of its products, but "critical" for Outlook versions 2002 and 2003, Internet Explorer 6 with Service Pack 1, Windows XP and Windows XP with Service Pack 1, Windows Server 2003, and the .Net Framework 1.0 with Service Pack 2 and .Net Framework 1.1, according to the Security Bulletin.


    In Microsoft's rating system for security issues, vulnerabilities that could allow a malicious Internet worm to spread without any action required on the part of the user are rated critical. Issues that will not lead to the spread of a worm without any action taken by the user, but could still expose user data or threaten system resources, are rated important.


    The JPEG flaw was reported privately to Microsoft and it was not disclosed prior to the release of the warning and patches, the software maker says. There have been no reports of the issue being exploited, Microsoft says.


    In addition to the JPEG issue, Microsoft this week, as part of its monthly security patch release cycle warned of a flaw in the WordPerfect 5.x Converter that it supplies as part of Office 2000, Office XP, Office 2003, and recent editions of its Works Suite.


    The WordPerfect converter flaw, which Microsoft rates "important," could allow an attacker to gain full control over a victim's PC, Microsoft says. A software patch is available for the vulnerable products to fix the problem.

    __________________________

    Call me an Apple zealot or m$-hater if you wish, but I've never had my computer comandeered from me via an IMAGE FILE :rolleyes: (no pr0n jokes, please.) :D

    I think security bulletins like this should be required reading before anyone is allowed to buy a windows pc from now on.

    OK m$ apologists, come and tell me off :)
     
  2. DreaminDirector macrumors 6502a

    DreaminDirector

    Joined:
    Sep 3, 2002
    Location:
    Ladera Ranch, CA
    #2
    I actually agree with you. It's amazing how people can figure out these little security holes in M$ software. Viruses can be obtained just by viewing an image?!?! Geez....

    Each one of these reports make me appreciate my macs more and more.
     
  3. cb911 macrumors 601

    cb911

    Joined:
    Mar 12, 2002
    Location:
    BrisVegas, Australia
    #3
    huh, there's lots of other stuff Microsoft has to be warning about... ;)

    but that's just... pathetic. that an OS can be compromised by a JPEG. :rolleyes:
     
  4. AmigoMac macrumors 68020

    AmigoMac

    Joined:
    Aug 5, 2003
    Location:
    l'Allemagne
    #4
    for this kind of warning...

    <nelson> Haa Haaa! </nelson>

    Pathetic! :eek:
     
  5. MongoTheGeek macrumors 68040

    MongoTheGeek

    Joined:
    Sep 13, 2003
    Location:
    Its not so much where you are as when you are.
    #5
    Imagine a worm that goes around in a jpg file.
    Imagine sysadmins blocking all jpgs to keep it out.

    Then again there a similar problem with Apples libpng a while back.
     
  6. BornAgainMac macrumors 603

    BornAgainMac

    Joined:
    Feb 4, 2004
    Location:
    Florida Resident
    #6
    They need to go back to .BMP files now and ask everyone to switch their websites to use .BMP. :rolleyes:
     
  7. AmigoMac macrumors 68020

    AmigoMac

    Joined:
    Aug 5, 2003
    Location:
    l'Allemagne
    #7
    After that a new security hole would be found, someone could take over your PC as soon as you open MS Paint ... :cool:
     
  8. virividox macrumors 601

    virividox

    Joined:
    Aug 19, 2003
    Location:
    Manila - Nottingham - Philadelphia - Santa Barbar
    #8
    i wonder if something similar could be found with os x?

    using a jpg to deliver a malicious package is a briliant idea, since most ppl have pictures as jpgs so telling people not to open or save jpgs would be useless
     
  9. Timelessblur macrumors 65816

    Timelessblur

    Joined:
    Jun 26, 2004
    #9
    In one word yes. but like the lack of virse for the mac it not going to be hit very hard for the mac since it would require a diffence set up

    I am kind of supises that this is the first offical warning issued by MS or any of hte major OS.

    It been known for a while that you could hide a malicious package/program in jpg file. I remeber reading about this a few years ago in from a repitble sorce. Since it been a few years I can not remeber which one reported it. My only guess is they knew something could be hiden in it but no one had profect the art to hide a program in it yet so maybe the first one are starting to crop up in more likely places. Virse checkers started looking into jpg a lot closer after they learned about his a few years ago. Basicly it is a flaw in the way jpeg files are compressed
     
  10. bousozoku Moderator emeritus

    Joined:
    Jun 25, 2002
    Location:
    Gone but not forgotten.
    #10
    Of course, but hopefully, Apple's programmers aren't as sloppy and took some care in checking limits before accessing memory. Unfortunately, it's just pathetically sad that there are so many people developing software who don't build safe code.
     
  11. MorganX macrumors 6502a

    MorganX

    Joined:
    Jan 20, 2003
    Location:
    Midwest
    #11
    I'm not trying to start and argument or anything but:

    Security Update 2004-09-07 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

    CoreFoundation
    IPSec
    Kerberos
    libpcap
    lukemftpd
    NetworkConfig
    OpenLDAP
    OpenSSH
    PPPDialer
    rsync
    Safari
    tcpdump

    Does this mean OS X was created by sloppy developers? Do you think it will be the last security patch released for OS X? Tiger? Do you think it is the first?
     
  12. MongoTheGeek macrumors 68040

    MongoTheGeek

    Joined:
    Sep 13, 2003
    Location:
    Its not so much where you are as when you are.
    #12
    from http://www.info.apple.com/kbnum/n61798
    PNG's are a moderately common graphics format developed to replace GIF's because Unisys were poopyheads.
     
  13. mvc macrumors 6502a

    mvc

    Joined:
    Jul 11, 2003
    Location:
    Outer-Roa
    #13
    Here is my prediction...

    Sometime in the next 5 years someone very clever and dedicated is going to hack up the ultimate weaponised PC virus, one that actually really does work, spreads quietly but irresistably across all networks, email, browsers, and embeds itself in a variety of file types. It will do nothing at all until it achieves a certain level of penetration. Then it will bring about a global computing disaster on a single day by utterly trashing every PC hardrive, which will at minimum bankrupt microsoft and cause a global recession and many other calamities. Basically, what Y2K was supposed to be like.

    Why do I predict this - because it is doable and therefore someone with a truly vested interest in global terrorism will eventually do it. The reason it is doable is not all these various security holes, or even Microsofts general coding lapses; it's the success of the platform and its interconnectedness. We have the digital equivalent of a monoculture out there, monocultures are always susceptible to a single effective virus, e.g the Irish Potato Famine.

    The near universality of the platform, combined with the network effect created by the high level of interconnectedness between individual machines, makes it virtually inevitable that this sort of thing will get worse and worse and finally someone will do the deed properly.

    Because they can.

    And we are going to have to learn the lesson about putting all our eggs in one basket all over again.

    So lets hope for the growth of linux, unix, sun and apple platforms. It's probably too late, but its the only long term solution in any case. Strength through diversity.
     
  14. MorganX macrumors 6502a

    MorganX

    Joined:
    Jan 20, 2003
    Location:
    Midwest
    #14
    I think this is a flawed argument becuase we are not a monoculture and neither is our IT infrastructure. Microsoft isn't close to dominating high end Servers. More importantly, the more critical the server, hopefully the tighter the security.

    The critical path is the access point, that would be Internetworking. The Internetworking infrastructure stands more of a chance of being brought down, or slowed to a crawl than a universal virus wreaking havoc on systems critical the the functioning of the United States of America, unless you count a virus affecting power grids to be universal. I wouldn't attempt to hopelessly bring down America's IT infrastructure, we'll take that challenge and win; I'd go for the power sources.
     
  15. mvc macrumors 6502a

    mvc

    Joined:
    Jul 11, 2003
    Location:
    Outer-Roa
    #15
    I guess I'm thinking more of the end users, the vast majority of those devices are Windows boxes. No single attack could utterly disable the entire network, obviously, and many critical systems are more protected, but it doesn't need to be universal to be a complete economic catastrophe. Consider the data stored on Microsoft business systems and home systems worldwide. Thats the data that's vulnerable, not the powerplants or airports, although, I did read a recent thread that nuclear capable British Navy vessels are installing a windows based Combat Management System. So our global terrorist hacker thinks? Lets have a wee play with those launch codes then while we are at it.

    Also, I'm not envisioning one of these typical virus attacks where speed of reproduction is so high that the networks become clogged and IT people start battening down the hatches and locking out the affected systems.

    I'm thinking of a virus that takes a year or two to filter through the global system by a diverse variety of vectors, trickling out copies rather than drawing attention to itself by mass mailing storms, hides passively and waits for a certain level of penetration or a set date to simply take out the host machines. A stealth virus created simply to invade and destroy an unsuspecting windows world as efficiently as possible, not to boost anyones teenage ego by flashy displays of power.
     

Share This Page