| |
CX2SA > VULNER 10.11.05 04:08l 62 Lines 2948 Bytes #999 (0) @ WW
BID : 58275_CX2SA
Read: GUEST
Subj: Images could turn nasty...
Path: DB0FHN<DB0FOR<DB0SIF<DB0EA<DB0RES<DK0WUE<7M3TJZ<CX2SA
Sent: 051110/0200Z @:CX2SA.LAV.URY.SA #:58275 [Minas] FBB7.00e $:58275_CX2SA
From: CX2SA@CX2SA.LAV.URY.SA
To : VULNER@WW
Images could turn nasty with Windows bug
========================================
Microsoft released several software patches on Wednesday for a bug that could
let seemingly harmless image files open PCs to hackers.
Independent security researchers discovered the flaw and alerted the software
company to its existence in March 2005. It affects most versions of Microsoft
Windows and received the company's highest alert rating of "critical".
The bug allows modified image files to bypass the security of the Windows
operating system, potentially providing remote access to an outsider. Images
saved in the Windows Metafile and Enhanced Metafile forms - with the extensions
.wmf and .emf - could be converted to attack PCs, experts say.
The flaws are reminiscent of those touted in the 1994 "JPEG of death" hoax,
which 10 years later became a real risk.
Overflow bug
------------
The new flaw is an "overflow" bug in the component of the Windows operating
system responsible for processing certain image files, called the Windows
Graphical Device Interface (GDI).
The overflow bug means that feeding too much information into the parts of
computer memory allocated to this program will overwrite other areas of memory.
A skilled programmer could use this effect to gain wider access to a machine or
steal sensitive information from its hard drive.
But a bigger concern is that an expert hacker will release code that
automatically performs the trick. That would enable less accomplished hackers
to craft attacks based on the bug.
"An attacker could send a malicious metafile to a victim via a variety of media
- such as HTML, email, a link to a web page, a Microsoft Office document or a
chat message - in order to execute code on that user's system," reads an
advisory issued by US computer security company eEye Digital Security on 8
November.
A similar vulnerability was found to affect older versions of Macromedia's
popular Flash player software on 7 November. This provides a way for carefully
manipulated Flash files to bypass a computer's security. Flash files are used
to display animations and are often embedded in web pages. A software patch has
been released.
***********************************************************************
* CX2SA:BBS CX2SA-6:CLUSTER CX2SA-7:WX CX2SA-8:APRS/DIGI/IGATE *
*---------------------------------------------------------------------*
* RF: 7.040 KHz TCP/IP: cx2sa.dyndns.org Port 23 CLUSTER: Port 9000 *
*---------------------------------------------------------------------*
* SysOp: Jose Maria Gonzalez Devitta * E-mail: cx2sa@adinet.com.uy *
* Minas * Lavalleja * URUGUAY * South America * [GF25JP] *
***********************************************************************
Read previous mail | Read next mail
| |