Attackers Target Microsoft Jpeg Flaw

bbxi

09-29-2004, 06:52 AM

From Information Week:

Attackers have posted a malicious Jpeg image file to Internet newsgroups that distribute pornography. The infected Jpeg file attempts to exploit a critical vulnerability Microsoft announced and issued a patch for on Sept. 14, in its MS04-028 security bulletin.

According to postings on the Internet security mailing list Bugtraq and Easynews Web portal, the infected Jpeg file was posted Monday. Users who download the file could allow attackers to take complete control of their systems.

Internet security information group Internet Storm Center issued an advisory saying the malicious file appears to have been developed using one of the many published “exploit kits” that are designed to make it easier to attack the MS04-028 vulnerability.

Read the rest here (http://informationweek.com/story/showArticle.jhtml?ar ticleID=47903504). Related news in Wired (http://www.wired.com/news/technology/0,1282,65116,00.html ?tw=wn_tophead_5) and eWeek (http://www.eweek.com/article2/0,1759,1659721,00.as p).

This is an archived page from the former Timog Forum website.