Wednesday, September 15, 2004
Microsoft has issued a patch to fix the security flaw, and urges its customers to use a new utility to locate the computer applications that are vulnerable. The Seattle-based software giant has listed the problem as "critical."
Because of a problem with the way that Windows handles JPEG image files, malicious code could be executed on a user's machine if they simply view an ordinary image file. Attackers could create an image file that would run a malicious program on the victim's computer as soon as the image is viewed. Because Microsoft's Internet Explorer browser is vulnerable, users could be attacked just by visiting a website that has affected images.
"It is a very appealing target, given the range of systems that are vulnerable," said Dermot Williams, managing director of Systemhouse Technologies, speaking to ElectricNews.net. "Ninety percent of desktop users with modern Windows computers will be vulnerable."
"People are used to JPEGs being safe, so I've no doubt that there's currently a scramble to write the first exploit of this flaw," he continued. "Whether it will take hours or weeks, I couldn't say."
The flaw affects various versions of at least a dozen Microsoft software applications and operating systems, including Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. Microsoft provides a full list of affected applications on its Web site, in its MS04-028 Security Bulletin.
Windows XP Service Pack 2, which is still being distributed to many customers' computers, is not vulnerable to the flaw.
Because so many applications are affected, Microsoft had to create a separate tool to help customers update their computers. Users are directed to download a utility that will find and update the imaging and development applications on their machines.
Linux already has such an update tool, which updates not only the core operating system but also other applications created by the open-source community. But because the majority of Windows applications are created by companies which are independent of Microsoft, it is difficult for the Seattle-based giant to create a similar tool.
The JPEG flaw was reported privately to Microsoft and it was not disclosed prior to the release of the warning and patches, the software maker says. There have been no reports of the issue being exploited to date.
By: DocMemory