MSB Buffer Overrun in JPEG Processing

Discussion in 'Windows Desktop Systems' started by VenomXt, Sep 28, 2004.

  1. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

     
  2. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    There is a virus in the wild (posted to Usenet yesterday) for this. Also it appears that just because M$ patched there jpeg rendering doesn't mean that your unaffected as other programs that you installed may have there own jpeg renders that are also exploitable. Hopefully some more info will be released on this soon before everyone is effected (or nobody opens any images). Also don't be fooled as it was posted that an attacker can change the file extention to any image file format really (ie. bmp, tif, ect) and Windows will still read it as a .jpeg and render it accordingly.
     
  3. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    The MS patch for this was fairly shocking... on an enterprise level.
    The GDI tool is automatically pushed out using the SUS server but unless an admin is present to run the scan on every machine of the domain - the user gets an error every time they login!!