The coming JPEG crisis

I am ambivalent. Some days I would like to take a ball bat to this infernal machine (think Luddites). It's spawn of Satan (should that be in caps??). I sure would miss all of you fine folks though....... :)

John Galt
 
The company I work for has virus-infected emails flying around with the attachments 'price.cpl' or 'joke.cpl'. Started late yesterday.
 
I'd recommend installing XP service pack 2, which is not vulnerable to this and many other 'gaps'. I've been running it since early release candidates and have had no problems.
 
The company I work for has virus-infected emails flying around with the attachments 'price.cpl' or 'joke.cpl'. Started late yesterday.
CPL is a "control panel applet". That's a more traditional attack that requires you to click on an attachment to become infected.

A JPEG exploit will probably be much more difficult to detect and prevent. This is about the nastiest thing I can imagine.

Somewhere, a group of Russian hackers sympathetic to Muslim extremists are coding up the Blue Screen of Death virus....

Oh, I can see it now. Two weeks after the bogus results from the election are detected (Windows powers some of the new electronic voting machines), and the power grid goes down, the Homeland Security Department will put us on Red Alert and issue an advisory to disable graphics on your web browser, stop reading email, and resume life as normal :)
 
I see some pro-Kerry ads that fault Bush for being against the "Homeland Security Dept" and the "9/11 Commission", subsequently supporting them.
IMHO he had it right the first time.

John Galt
 
I'd recommend installing XP service pack 2, which is not vulnerable to this and many other 'gaps'.

I have service pack 2, but the Microsoft automatic update web site told me to download the patch anyway. I had no idea if it was needed or not, but I downloaded it because update told me to. I hope my machine doesn't melt as a result of my ignorance of such things. :)
 
A JPEG exploit will probably be much more difficult to detect and prevent. This is about the nastiest thing I can imagine.

Actually, it's not that difficult for AV software to detect. The only problem is that it can take a bit more time to scan the JPEG files (as the entire file needs to be processed). Fortunately, it can be detected with 100% accuracy, so when a new virus comes out using this exploit, the AV software will start blocking it immediately (rather than having to wait until the AV company provides new virus definitions).
-Scott
 
Actually, it's not that difficult for AV software to detect.
You're assuming the AV software knows what to look for and that it has an opportunity to scan before you're infected.

You know that naked Uma Thurman picture you just browsed? It quietly infected your machine with a worm that will lie dormant until Dec 25, 2004. At which point, worms will rise early in the morning, infect other machines on your internal network, and then leave you a nasty surprise.

Or maybe nothing will happen. Who knows? Unfortunately, there are bad guys out there, and this Windows bug will interest them.
 
You're assuming the AV software knows what to look for and that it has an opportunity to scan before you're infected.

That is a good point. If a web browser doesn't save the file before displaying it (or saves the file, and continues to display the picture even if it does not save properly), you can get infected.

Although the AV software can easily detect the exploit, it can't do so if it doesn't see the file. This exploit is really changing how AV software needs to work.

You know that naked Uma Thurman picture you just browsed?

Uh-oh -- I guess I better get that anti-spyware program. How did you know about that picture :confused: :)
-Scott
 
It quietly infected your machine with a worm that will lie dormant until Dec 25, 2004.

I scan my computer with its indigenous virus detector, 2 ad detectors, and one trojan detector. Then use several free online detectors (e.g., Norton, HouseCall, Panda). Then I print out a HijackThis log to see if anything suspicious is running, and ping my machine for open ports that trojans commonly use from an online service, and keep my firewall on. I patch with MSFT upgrades. What more can I do to protect my machine? Can it still have hidden viruses and trojans on my machine, waiting for Doomsday to activate? These things confuse me.
 
If you've got a patched Win2k/xp system, you're covered. No other operating systems are vulnerable. My concern isn't so much that my own individual machines might be vulnerable, it's more that this type of exploit will likely find its way past most corporate security measures, so it's potentially a more potent vector than we've seen before.

Then again, it could be nothing. Continue life as usual :)
 
If you've got a patched Win2k/xp system, you're covered.

Thanks Wab. I have the latest MSFT XP patches. I will continue life as usual. I just like to solve puzzles, and the thought that secret code might be on my machine is a marvelous puzzle that I can't resist following up on.
 