Security Watch Letter: Inside the JPEG Virus

By Jay Munro  |  Posted 2004-09-30 Print this article Print

This threat is now in the wild. Could you be at risk? Plus: Learn to use Windows Safe mode and recover your system.

The Watch

The end of summer lull for viruses and worms continues. Were still seeing new versions of RBots, and a new Bagle, but nothing with teeth. The big news appears to be the anticipation of a viral exploit of the JPEG vulnerability that Microsoft patched earlier this month. Within days of the release of the security bulletin, there was proof of concept code available on the Web. As the exploit was analyzed by various security groups, it was found that it was similar to a 4-year-old Netscape vulnerability reported by Openwall project.

Shortly after the initial proof of concept code was posted, some C language code was posted that would create a JPG file that starts a command prompt shell in Windows and opens a port. A hacking tool also became available that would allow anyone to create exploitable JPG files. On Monday, Easynews, a newsgroup service company, reported getting the first JPG exploit virus. For more info, see our Top Threat.

This week weve only seen a couple of Windows security alerts, one for corporate users of Symantec firewall products, and another for home or small business users of Motorola wireless routers. See our Windows Security alerts and updates for more information.

Click here for the complete story on

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel