UK IT Industry Awards

Where am I? >
Home >
News >
Security

First sign of malicious code exploiting Windows Jpeg security flaw

29 Sep 2004

Be the first to comment

The first malicious codes to exploit security flaws in Microsoft Windows' handling of jpeg image files has appeared on internet newsgroups.

The trojan is embedded in Jpegs that, once downloaded and viewed, allow hackers to gain control of the user's PC.

Microsoft acknowledged the vulnerability and issued a security patch earlier this month but at the time no viruses exploiting the flaw had been seen.

Online newsgroup access provider Easynews found the trojan code in pictures posted to its site earlier this week.

The current situation poses little risk of a major virus attack because the code cannot replicate itself and spread.

But a more serious way to exploit the flaw has also been posted on Bugtraq, a site that tracks and reports flaws in major software products. According to security software provider Finjan, the new method would allow the hacker to take over an end user's PC simply by having them browse a web page that contains the malformed image file using Internet Explorer.

What do you think? Email feedback@computing.co.uk

If you want to be first with the news, visit Computing every day.

More on:
Security

Reader comments

Add your comment

Have your say on this article

Your name
Email address
Comment title
Your comment

All fields required. Your email address will not be displayed on the site.

By submitting a comment you agree to abide by our Terms & Conditions

Submit

Newsletters

Sign up for our FREE newsletters

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

Yes! These firms are spending billions on the rights to sue one another, rather than focusing on creating new products.

87 %

No! The knowledge that firms are stringently searching for any IP infringement means that new products must be genuinely innovative, and borrow nothing from previous designs if they are to remain in stores and out of the courtroom.

5 %

It doesn't matter! The only useful thing left to be invented is time travel, so I can go back to a time when I had more hair.

8 %

Influence - Consumerisation

27 Apr 2012

Staff are increasingly using their personal devices for work. Productivity may increase as a result, but the trend brings with it security risks

Cloud computing insights from 110 implementation projects

Case studies from large organisations across all sectors

The lesson of 2012: prepare now for increased data volumes

... And rich media, and flexible working, and peaks in traffic ...

More case studies and reports

Upcoming Events

Gain better control of your data with enterprise database consolidation

Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.

Date: 31 May 2012

Time: 11:00 AM

Top 10 causes of IT disasters – and how to deal with them

Concept image of data backup with life preserving floating on background of binary data

Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.

Date: 13 Jun 2012

Time: 11:00 am

More events

Job of the week

More IT Jobs

IT job alerts

Receive the latest jobs direct to your inbox

IT job finder

IT salary checker

Are you being paid what you are worth?

Check Salary

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

First sign of malicious code exploiting Windows Jpeg security flaw

Sign up for our FREE newsletters

Google cloud will rain on IT’s parade

Essential guide to security: Rethinking your defence

Organisations struggle to safely and securely delegate sys-admin tasks

‘BYOD the only sustainable way forward’ says Liverpool NHS IT chief

Threat report 2012

Social media toolkit 1: social media guidance

Who is compromising your security?

Roundtable: Computing hosts debate on big data

Cloud security, how to balance the risk

Business intelligence: The Great Underachiever

Nine out of 10 custom-built web applications vulnerable to attack

New Java-based attack on Mac OS uncovered

Microsoft fixes critical bugs in Explorer and Windows

H4cked Off: I hate to say I told you so...

Vulnerabilities exposed in Apple iOS

Java Developer/Programmer, Algorithmic Trading

Senior Application Support Analyst, Java J2EE, IBM Websphere

IT Manager

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

EU cookie implementation deadline is today

Post Office selects Fujitsu in '£500m' broadband deal

Influence - Consumerisation

HP: 27,000 job cuts by 2014, Mike Lynch to leave (NEW UPDATE)

Government launches Open Data Institute (updated)

HP: 27,000 job cuts by 2014, Mike Lynch to leave (NEW UPDATE)

Google to fund new UK computer science teachers

NHS information strategy gives green light to UK-wide data sharing

Computing research: the many faces of IT disaster

Post Office selects Fujitsu in '£500m' broadband deal

Influence - Consumerisation

Cloud computing insights from 110 implementation projects

The lesson of 2012: prepare now for increased data volumes

Gain better control of your data with enterprise database consolidation

Top 10 causes of IT disasters – and how to deal with them

Job of the week

IT job alerts

IT job finder

IT salary checker