downloading music with xp = uhoh

sinjin · Dec 23, 2002, 05:30 PM

http://www.msnbc.com/.........

imagine that with these latest service packs win2k will be included as well.

"Victims need not be induced to play the infected music file to cause an attack. Because of the way Windows file Explorer reads the attribute information, simply hovering over an infected music fileâ€™s icon is enough to cause the buffer overrun. Accessing a folder where the file lives would also invoke the malicious program, as would visiting a Web site where the file is stored...."

Vampyromaniac · Dec 24, 2002, 02:18 AM

I heard or these flaws, and I always wonder....
How exactly does the attacker control the target computer? Do they have some sort of command-line interface? A DOS box or telnet or something?
Also, how does the attacker know when when the user causes the overflow? They get a pop-up window or something saying so-and-so is now under your control?
And what the hell in the operating system links reading a file's attributes to accepting commands remotely? Or if that's far off, I dunno... Is there some code in the OS saying "hey, if this buffer overflows, then just start accepting commands from outside." What the hell, you know?
I dunno... the whole thing just confuses me.

mbeeston · Dec 24, 2002, 02:27 AM

it's easy to understand but hard to do.. id3 code is the code that tell the os/player the name of the song and such.. all someone needs to do is make a fake id3 tag with a tojan code and put it in a song file, windows would automaticly open the id3 tag thinking it'll find the name of the song but will only find a computer code and run that instead... windows xp automaticly reads the id3 tags when it views the mp3 files in a folder

espionage_man · Dec 25, 2002, 02:00 PM

will antivirus software prevent this code from being run on your computer if it is kept up to date? do they have a fix for it yet? if it won't, what will?

Necrosis · Dec 25, 2002, 03:09 PM

Hmmm.... long ago I used to download music all the time. However, now it's a very rare thing for me to do so. I've become a huge stickler for quality and I'm sorry to say the quality usually isn't present in P2P music. Good thing to have a small network of people buying CD's.

Dec 23, 2002, 05:30 PM	#1
sinjin the last samurai Join Date: May 2002 Posts: 1,086 Rep Power: 0	downloading music with xp = uhoh http://www.msnbc.com/......... imagine that with these latest service packs win2k will be included as well. "Victims need not be induced to play the infected music file to cause an attack. Because of the way Windows file Explorer reads the attribute information, simply hovering over an infected music fileâ€™s icon is enough to cause the buffer overrun. Accessing a folder where the file lives would also invoke the malicious program, as would visiting a Web site where the file is stored...." __________________

Dec 24, 2002, 02:18 AM	#2
Vampyromaniac confutatis maledictis Join Date: May 2002 Location: somewhere dark Posts: 5,974 Rep Power: 77 System Specs	I heard or these flaws, and I always wonder.... How exactly does the attacker control the target computer? Do they have some sort of command-line interface? A DOS box or telnet or something? Also, how does the attacker know when when the user causes the overflow? They get a pop-up window or something saying so-and-so is now under your control? And what the hell in the operating system links reading a file's attributes to accepting commands remotely? Or if that's far off, I dunno... Is there some code in the OS saying "hey, if this buffer overflows, then just start accepting commands from outside." What the hell, you know? I dunno... the whole thing just confuses me. __________________ *Digitalis 3.3* Athlon 64 3000 // ASUS K8V SE Deluxe // 1024MB PC3200 (2-2-2-10 1T) ATI All-In-Wonder 9700 Pro // 20" Dell 2005FPW (DVI) M-Audio Revo 7.1 + Philips Acoustic Edge // Klipsch ProMedia 2.1 320/16 Western Digital WD3200KS + 120/8 Seagate 7200.7 NEC ND-3550A 16x DVD±RW + Lite-On 52x24x CD-RW Antec Sonata case // 480W Antec TruePower personal bests \|\| Aq'3: 46796 \| 3D'01: 20461 \| 3D'03: 6336 \| 3D'05: 2677 \| PC'04: 4605 \| PC'02: 7691,9092,1250

Dec 24, 2002, 02:27 AM	#3
mbeeston HardwareHeaven Senior Member Join Date: Oct 2002 Location: alberta, canada (thats north of the usa people) Posts: 1,037 Rep Power: 68 System Specs	it's easy to understand but hard to do.. id3 code is the code that tell the os/player the name of the song and such.. all someone needs to do is make a fake id3 tag with a tojan code and put it in a song file, windows would automaticly open the id3 tag thinking it'll find the name of the song but will only find a computer code and run that instead... windows xp automaticly reads the id3 tags when it views the mp3 files in a folder __________________ R.I.P Roadee - you will be missed T_T peace,love, and war... 3 things people look for... "if your going off the deep end, show off, do a cannon ball!" - me

Dec 25, 2002, 02:00 PM	#4
espionage_man DriverHeaven Newbie Join Date: Dec 2002 Posts: 11 Rep Power: 0	will antivirus software prevent this code from being run on your computer if it is kept up to date? do they have a fix for it yet? if it won't, what will?

Dec 25, 2002, 03:09 PM	#5
Necrosis HardwareHeaven Extreme Member Join Date: May 2002 Location: Ohio Posts: 8,838 Rep Power: 131 System Specs	Hmmm.... long ago I used to download music all the time. However, now it's a very rare thing for me to do so. I've become a huge stickler for quality and I'm sorry to say the quality usually isn't present in P2P music. Good thing to have a small network of people buying CD's.