September 24th, 2004, 20:53 PM
Old and Cranky
Hackers Smell Blood In Common Windows Interface
Article in original form plus download of vulnerability scanner can be found here.
By Dan Neel, CRN
11:46 AM EDT Fri. Sep. 24, 2004
Since Wednesday, a rising tide of attacks which could precede the arrival of a new worm have been attempting to exploit the Windows GDI (graphic device interface) for JPEG files, according to the Internet Storm Center, Bethesda, Md.
GDIs handle and transmit graphics to output devices like monitors and printers. Hackers are attempting to bombard the JPEG GDIs to achieve a buffer overrun that could allow for the execution of malicious code.
Microsoft made the vulnerability public last week with the issuance of a Microsoft Security Bulletin MS04-028.
Microsoft rates the severity of the threat as critical and advises users to apply an update immediately. Updates and their related Windows operating-system versions can be found here.
Officials at the Internet Storm Center warned "We expect a rapid development of additional exploits over the next few days."
The Storm Center also cautioned that many non-Microsoft programs are also vulnerable to the JPEG GDI exploits, and has issued a link to a free scanner download to detect vulnerable GDIs. That scanner can be found here.