Thursday, October 07, 2004

JPeG Virus or Worm still expected, please patch ASAP!

We are still waiting for the release of a new worm or virus which will be using the JPG vulnerability. I personally thaught that it would be released during latest week anti-virus conference but this was not the case ... but the countdown goes further.
I want to get people to patch before it's too late.
Couple of notices on this vulnerability:
- Filtering files with .JPG extension won't protect you much. Bad JPGs can be renamed to .BMP and they still work fine.
- Definitely try to update Word, Excel and other Office tools .. therefore you need to visit , these are the most important programs to update.
- A lot of anti-virus scanners has released generic updates already, however I don't have any idea what the real impact will be if a real attack will be launched.
- However, exploiting Internet Explorer with this vulnerability seems to be particularily hard. Exploiting Windows XP's EXPLORER.EXE while viewing local JPG files is much easier and several toolkits to create JPGs like this exist. This reduces the likelyhood of appereance of a massmailer worm using this vulnerability.
- At least try to update your anti-virus scanner ASAP as this will be the first protection for most of the home users and corporates.