Wednesday, 15. September 2004

Topic: COMPUTER - on September 15, 2004 at 10:46:00 AM CEST

Microsoft warns of poisoned picture peril

The old bromide that promises you can't get a computer virus by looking at an image file crumbled a bit further Tuesday when Microsoft announced a critical vulnerability in its software's handling of the ubiquitous JPEG graphics format.

The security hole is a buffer overflow that potentially allows an attacker to craft a special JPEG file that would take control of a victim's machine when the user views it through Internet Explorer, Outlook, Word, and other programs. The poisoned picture could be displayed on a website, sent in email, or circulated on a P2P network.

theregister pcworld

... Comment