Skip to comments.A picture worth a thousand worms
Posted on 10/07/2004 3:16:54 AM PDT by BillCompton
Picture this: Just viewing a photograph on the Internet could allow a hacker to take over your computer.
Such a thing hasn't happened, but computer security experts say this scenario is not only possible, but likely.
Hackers have found a security flaw in several types of Microsoft software that allows them to infect JPEG images with malicious code that opens a back door to computers. The flaw is in Microsoft's Internet Explorer, its Windows XP operating system and some of its other programs.
The scope of the vulnerability is dizzying: Just using Internet Explorer to view an infected JPEG image on a Web page would be enough to let a remote hacker take over the computer and run any program imaginable, experts say.
"JPEGs are everywhere," said David Perry, global director of education for Trend Micro, a computer security firm in Cupertino, Calif. "There are trillions of pictures on the Web."
Microsoft has acknowledged the problem and three weeks ago ...
(Excerpt) Read more at startribune.com ...
Its long past time to make virus coders spend a long stretch in prison.
Until we get serious about punishing the miscreants the problem will not go away...
A better browser. I don't know if it's vulnerable too, but I've found it to eliminate a lot of Explorer issues.
Microsoft has been advising of this problem for weeks. This adversary is from Sept. 14.
This flaw does not affect machines that installed Windows XP Service Pack 2. Most of the attacks from the summer didn't affect SP2 either.
They do advise to run Office Update, regardless of Windows version if you are running MS Office.
It's critical that if one is using Windows, that one get SP2 for XP. If you have a non-XP Windows version and dont have a hardware router/firewall, then take your machine off the Intermnet
My operating system is a relic from the Stone Age (Windows 98SE), and isn't vulnerable to the Buffer Overrun in JPEG Processing, mainly because no one cares enough to devise viruses for us anymore.. =(
When I use my Macs (I have 2, plus a brand new Dell Dimension) I sigh in relief!
I can't say a thing negative about that- I spent close to two weeks clearing garbage out of both home PC's last June, and briefly converted both systems to Linux/Win2000.
Unfortunately, the wife objected, so we're back to scanning and patching.
Benefits of obsolescence?
Kind of like what has happened over the centuries as a result of not having a policy of hanging lying politicians? ;)
I recommend Housecall which is a free virus can at Trendmicro.com My Gateway which runs Windows2000 PE was running slower than molasses and when I scanned it with Housecall I had more than 200 infected files - worms, viruses, Trojan horses- you name it Even my screen saveers were infected Housecall cleaned it right up -Good program But just as bad is finding 'Elite Toolbar' on my computer again and again and having to spend hours again and again deleting that piece of crap
I have been wondering if anybody else may have experienced the same thing?
"I had a computer guy with 13 years experience try to clean it up for me. He deleted a bunch of stuff, but it comes back"
If you can't clear it up, register here ( after reading their introductory "pinned" posts explaining what you need to do first )--
New here? Read this FAQ before you do anything else.
Yes, I have had the same problem, but I had a trojan horse virus. I thought I got it all from spam because I had my Outlook Express set to view e-mail. I still haven't managed to delete the search bar, and all of the new shortcuts keep coming back. Grrrrrr!
Thank you for the link. I have bookmarked it and will show it to my computer guy, or, if I get brave, do it myself.
The internet will be over soon. The parasites (hackers) will have killed the host.
Bring back taring and feathering I say.
If you lurk around the SWI forum for a while and read all their tips and instructions, you can probably get enough of an idea to try curing it on your own.
The forum is staffed by volunteers, and the membership has grown from 5,000 when I signed on to nearly 25,000 today, so they are badly undermanned and overloaded. You have to be persistent, and frankly, women seem to get more help than men over there. Take advantage of it.
I won't presume to give more than general help, but you will need the latest versions of ad-aware ( by lavasoft ) and spybot search & destroy- you will need them anyway-- you will find plenty of links for downloads in the forum. Next ( using instructions you will also find in the forum ) they will need to be set to perform a custom scan. You need both, they find slightly different nasties.
This may not cure the problem, but it will help remove a lot of junk you may not have known about that degrades performance, and is a step to cleaning your machine.
Many infections take multiple passes, rebooting in safe mode, and using some of the custom removal tools ( also found in the forum ) like aboutbuster and cwshredder and hijackthis! to get rid of the damned junk.
And seriously consider using another browser besides IE, if you don't already. When I used IE, even going to supposedly benign sites, ad-aware and SS&D would find multiple tracking cookies and registry changes- since switching to Firefox, that is almost non-existent. You still have to check, but it's gone from an everyday occurence to being fairly rare.
Oh! Be certain to keep your operating system's patches and upgrades current- it's dang nuisance, but MS released 6 new fixes today that I just installed.
That's interesting. I've been experiencing very similar things on my home computer. Highlighted and underlined words within words (especially on FR) like mba, sex, and others. I also have a new toolbar with shortcuts to adult sites and others. I can't run half of my programs like word/quattropro and others and my printer won't print.
See replies 6, 13, & 18.
Sorry to hear that, bh. Having made the transition myself, can you tell me what her specific objections were?
We had a few teething pains tuning the setup to everyones' liking (4 users) but are now using Linux as a matter of routine with but a few complaints. We do maintain an XP partion that I have to boot to once a week but ALL our browsing is now done thru Linux. My maintenance time is much below what it was for Windows and I haven't had to worry about spy/malware at all.
She has the usual ton of work that comes home, all in Win2000, digital cmaeras, PDA- it was just too aggrivating to learn what I needed to make all the bloody stuff work. And get her to try to learn it, too.
I've got a hardware firewall and the usual anti-virus and spyware stuff, and since June the system(s) have been OK.
I might add that while this was going on, the backup PC died, so the "good" PC became the backup after I built a new one- necessitating migrating a drive and the usual hardware hassles associated with this. I just got tired of screwing around with it. Mandrake 9, for whatever that's worth.
Is my Comodore 64 vulnerable? Should I switch back to my Vic 20?
The only reason I reboot once a week is to use MSOffice for a work issue. I'm planning on getting Crossover Office at some point so I can run Office under Linux but my schedule's too tight to mess with it right now.
I've been using SuSE linux and have been very pleased with the hardware compatability. Installation was actually easier than XP for this version. I bought previous versions but am currently using the FTP installation directly from their site - for free. Worth every penny 8^)
But the big issue for me has been the security/update/malware one. It's a breath of fresh air since all this MSmess started heating up this summer. I'd be pulling my hair out if I still had to be running scans and haunting security sites as offen as I did before.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.