Microsoft warns of poisoned picture peril

Microsoft warns of poisoned picture peril
Kevin Poulsen, SecurityFocus 2004-09-14

The old bromide that promises you can't get a computer virus by looking at an image file crumbled a bit further Tuesday when Microsoft announced a critical vulnerability in its software's handling of the ubiquitous JPEG graphics format.

Expand all | Post comment

Microsoft warns of poisoned picture peril 2004-09-20
PES

I hope that there are no new buffer overflows found in IIS (or any other www server) for a while. A blended threat comprised of this and a worm similar to nimda could be disasterous. The worm could, in addition to replicating itself from web server to web server, modify a jpg on the home page of each site. The jpg would overflow the web clients and run code of the attackers choice. Huge disaster.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/9508/28528#28528