OpenBCM V1.13 (Linux)

Packet Radio Mailbox

DB0FHN

[JN59NK Nuernberg]

 Login: GUEST





  
CX2SA  > VULNER   10.11.05 04:08l 62 Lines 2948 Bytes #999 (0) @ WW
BID : 58275_CX2SA
Read: GUEST
Subj: Images could turn nasty...
Path: DB0FHN<DB0FOR<DB0SIF<DB0EA<DB0RES<DK0WUE<7M3TJZ<CX2SA
Sent: 051110/0200Z @:CX2SA.LAV.URY.SA #:58275 [Minas] FBB7.00e $:58275_CX2SA
From: CX2SA@CX2SA.LAV.URY.SA
To  : VULNER@WW


                  Images could turn nasty with Windows bug
                  ========================================

Microsoft released several software patches  on Wednesday for a bug  that could
let seemingly harmless image files open PCs to hackers.

Independent security researchers discovered  the flaw and alerted  the software
company to its existence in March  2005. It affects most versions of  Microsoft
Windows and received the company's highest alert rating of "critical".

The bug  allows modified  image files  to bypass  the security  of the  Windows
operating system, potentially  providing remote access  to an outsider.  Images
saved in the Windows Metafile and Enhanced Metafile forms - with the extensions
.wmf and .emf - could be converted to attack PCs, experts say.

The flaws are  reminiscent of those  touted in the  1994 "JPEG of  death" hoax,
which 10 years later became a real risk.

Overflow bug
------------
The new flaw  is an "overflow"  bug in the  component of the  Windows operating
system  responsible  for processing  certain  image files,  called  the Windows
Graphical Device Interface (GDI).

The overflow  bug means  that feeding  too much  information into  the parts of
computer memory allocated to this program will overwrite other areas of memory.
A skilled programmer could use this effect to gain wider access to a machine or
steal sensitive information from its hard drive.

But  a  bigger  concern  is  that  an  expert  hacker  will  release  code that
automatically performs the trick.  That would enable less  accomplished hackers
to craft attacks based on the bug.

"An attacker could send a malicious metafile to a victim via a variety of media
- such as HTML, email, a link to  a web page, a Microsoft Office document or  a
chat  message -  in order  to execute  code on  that user's  system," reads  an
advisory issued  by US  computer security  company eEye  Digital Security  on 8
November.

A similar  vulnerability was  found to  affect older  versions of  Macromedia's
popular Flash player software on 7 November. This provides a way for  carefully
manipulated Flash files to bypass  a computer's security. Flash files  are used
to display animations and are often embedded in web pages. A software patch has
been released.

    ***********************************************************************
    *   CX2SA:BBS  CX2SA-6:CLUSTER  CX2SA-7:WX  CX2SA-8:APRS/DIGI/IGATE   *
    *---------------------------------------------------------------------*
    * RF: 7.040 KHz  TCP/IP: cx2sa.dyndns.org Port 23  CLUSTER: Port 9000 *
    *---------------------------------------------------------------------*
    * SysOp: Jose Maria Gonzalez Devitta  *  E-mail: cx2sa@adinet.com.uy  *
    *        Minas * Lavalleja * URUGUAY * South America * [GF25JP]       *
    ***********************************************************************




Read previous mail | Read next mail


 09.07.2026 19:05:55lGo back Go up