HardwareHeaven.com

Sep 29, 2004, 09:12 PM   #1
Dom
DriverHeaven Extreme Member
Join Date: Jun 2002
Posts: 12,940

JPEG exploit could beat antivirus software

According to Mikko Hypponen, director of antivirus research for F-Secure, antivirus software will strain to find JPEG malware, because by default, it only searches for .exe files.

"Normal antivirus software, by default, will not detect JPEGs," Hypponen said. "You can set your antivirus scanner to look for JPEG, but the trouble is that you can change the file extension on a JPEG to so many things."

There are about 11 file name extensions to which JPEGs can be changed, including .icon or .jpg2. Hypponen said this would make finding malicious JPEGs even more difficult; searching could take up a significant amount of valuable processor power.

Internet Explorer processes JPEGs before it caches them. That could also mean that desktops may become infected before antivirus software has a chance to work.

"This means that it is not enough to scan at the desktop," Hypponen said. "You have to scan at the gateway, but this will put a huge load on your bandwidth."

Hypponen said he expected a virus attack using the exploit to occur soon: "There has been so much interest in this vulnerability that someone is bound to do this. But saying that, there was a similar vulnerability found two months ago in bitmaps, and no one has exploited that yet."

[Read More]

___________________
Source: c|net
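Hypponen's point about renamed extensions, as an added example (not part of the original post or the c|net article): a scanner can classify a file by its content instead of its name. This Python example identifies a JPEG by its start-of-image marker, then walks the header segments and flags declared lengths that are structurally invalid; the function names, file names and byte strings are constructed for illustration.

```python
import struct

# JPEG markers that carry no length field: TEM, RST0-RST7, SOI, EOI.
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))

def looks_like_jpeg(data: bytes) -> bool:
    return data[:3] == b"\xff\xd8\xff"  # start-of-image marker, not the file name

def check_segments(data: bytes) -> list:
    """Walk header segments up to start-of-scan and report bad lengths."""
    findings, pos = [], 2  # start just past SOI
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            findings.append(f"offset {pos}: expected a marker")
            break
        marker = data[pos + 1]
        if marker == 0xFF:  # fill byte before a marker
            pos += 1
        elif marker in STANDALONE:
            if marker == 0xD9:  # EOI: end of image
                break
            pos += 2
        else:
            (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
            # The length counts its own two bytes, so a value below 2 is invalid.
            if length < 2:
                findings.append(f"offset {pos}: marker 0x{marker:02x} declares length {length}")
                break
            if pos + 2 + length > len(data):
                findings.append(f"offset {pos}: marker 0x{marker:02x} runs past end of file")
                break
            if marker == 0xDA:  # SOS: compressed image data follows, stop here
                break
            pos += 2 + length
    return findings

def scan(name: str, data: bytes) -> dict:
    jpeg = looks_like_jpeg(data)  # the file name plays no part in the decision
    return {"name": name, "jpeg": jpeg, "findings": check_segments(data) if jpeg else []}

# Constructed samples (not real files); none of the names ends in .jpg.
GOOD = (b"\xff\xd8\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
        + b"\xff\xfe" + struct.pack(">H", 7) + b"hello" + b"\xff\xd9")
BAD = b"\xff\xd8\xff\xe1\x00\x01" + b"A" * 8  # APP1 segment declaring length 1
NOT_JPEG = b"MZ\x90\x00\x03\x00\x00\x00"

if __name__ == "__main__":
    for name, blob in (("holiday.ico", GOOD), ("notes.txt", BAD), ("setup.exe", NOT_JPEG)):
        print(scan(name, blob))
```

Reading only the first bytes and the header segments keeps the per-file cost small, which bears on the processing-load concern raised in the article.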


Sep 29, 2004, 09:14 PM   #2
GutterPunk
I = Greatest Dood
Join Date: Nov 2003
Location: Nebraska
Posts: 5,949
Donator

That's nuts man...

Sep 30, 2004, 03:13 AM   #3
jsx[ifl]
DH's Unofficial Hero
Join Date: Nov 2003
Location: Montreal
Posts: 650

I'm more worried about this than anything else on the net now, 'cause there's virtually no way to defend.

Sep 30, 2004, 03:14 AM   #4
PoopyTheJ
DriverHeaven Extreme Member
Join Date: Jan 2003
Location: Ohio
Posts: 1,588

Isn't there a Windows update for this? I have automatic updates on, and when I checked Windows Update I didn't see anything about this.....

Sep 30, 2004, 03:47 AM   #5
PoopyTheJ
DriverHeaven Extreme Member
Join Date: Jan 2003
Location: Ohio
Posts: 1,588

I was just checking the Windows Update site; there's a GDI+ update, which is what this is for I think. However, as far as I can tell it only affects Microsoft Office suite products and other MS add-on software, as the GDI+ tool says my system is not vulnerable to this exploit. Correct me if I'm wrong here....

Sep 30, 2004, 03:55 AM   #6
PoopyTheJ
DriverHeaven Extreme Member
Join Date: Jan 2003
Location: Ohio
Posts: 1,588

Yet another update here: according to a post on Slashdot here, the GDI+ scanning tool on Windows Update is, quote, "worse than useless". SANS has an alternative scanning tool for DLLs in the Windows directory which could be or are vulnerable to this exploit; you can grab this too here.