September 23rd, 2004, 14:17 PM
Old and Cranky
Code to exploit Windows graphics flaw now public
Full story here.
A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software.
Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file.
"Within days, you'll likely see (attacks) using this code as a basis," said Vincent Weafer, senior director of security response for antivirus-software company Symantec. "This is dangerous in a sense that everyone processes JPEG files to some degree."