Hackers Smell Blood In Common Windows Interface

Discussion in 'Windows Desktop Systems' started by rik, Sep 24, 2004.

  1. rik

    rik OSNN Addict

    Messages:
    115
    Location:
    I dunno
    Article in it's original form and vulnerability scanner can be found here.


    By Dan Neel, CRN
    11:46 AM EDT Fri. Sep. 24, 2004
    Since Wednesday, a rising tide of attacks which could precede the arrival of a new worm have been attempting to exploit the Windows GDI (graphic device interface) for JPEG files, according to the Internet Storm Center, Bethesda, Md.

    GDIs handle and transmit graphics to output devices like monitors and printers. Hackers are attempting to bombard the JPEG GDIs to achieve a buffer overrun that could allow for the execution of malicious code.

    Microsoft made the vulnerability public last week with the issuance of a Microsoft Security Bulletin MS04-028.

    Microsoft rates the severity of the threat as critical and advises users to apply an update immediately. Updates and their related Windows operating-system versions can be found here.

    Officials at the Internet Storm Center warned "We expect a rapid development of additional exploits over the next few days."

    The Storm Center also cautioned that many non-Microsoft programs are also vulnerable to the JPEG GDI exploits, and has issued a link to a free scanner download to detect vulnerable GDIs. That scanner can be found here.
     
  2. scriptasylum

    scriptasylum Moderator

    Messages:
    832
    Location:
    Des Moines,IA
    IIRC, the Athlon64 CPU provides protections against buffer overruns on the hardware level. Would this be enough to negate this threat?