MZL & Novatech TrafficStatistic Website
Home MZL
Webshop
Products
Webservice
Helpdesk
Feedback
About us
News
Submit News
MZL & Novatech Product and Service News
Traffic Statistics News Robot
Traffic Statistics Users Newsfeed
Demo Picture for Microsof...
Search
MZL & Novatech TrafficStatistic Website
News - more news - submit news - XML
United States, 07/25/08:  (details)
The superb multimedia software on Mac OS X - Aimersoft DVD Studio Platinum for Mac now released
Union City/USA, 07/23/08:  (details)
Hurry! Exclusive 50% Discount on uCertify's 70-548 C# and VB Prepkits
china, 07/23/08:  (details)
The Integrated Multimedia Software – iSkysoft DVD Converter Ultimate for Mac now Released
guangzhou/china, 07/17/08:  (details)
Totosoft.net ImTOO DVD Ripper Ultimate
Noida,India, 07/17/08:  (details)
From Digital Isolation to Global Inclusion

Channel: Traffic Statistics Users NewsfeedThis Traffic Statistic news channel is feeded by the Traffic Statistics Users, which can post news items or press releases in real time. If you want to provide a resource, just visit the trafficstatistic website at http://www.trafficstatistic.com/news/add_news_item.html. If you remark an abuse, please report it to abuse@trafficstatistic.com and our admin will delete the item.



Berlin/Germany, 09/20/04

Demo Picture for Microsoft JPEG Vulnerability Available - Time to Patch GDI


Viewing a Jpeg picture can crash the Windows XP Explorer or other Microsoft or 3rd party programs using the GDI library. Affected are Windows XP except when to SP2, Windows 2003 and many other popular Microsoft programs.

And probably very soon, there will be JPEG pictures around allowing to execute an attacker any code he wants with administrator rights on a vulnerable system, when you look at his JPEG picture with a vulnerable software using the Microsoft GDI.

The first pictures demonstrating the JPEG vulnerability in Microsoft's JPEG handling libraries are published, so one can be sure, that there will be very soon trojan and virus pictures following this security hole on Windows computers.

In Microsoft's security bulletin on the buffer overrun in JPEG processing (GDI+), there are links to small patches available, which will cure the problem. The patches will not check for a valid Windows key on installation.

On unpatched Windows XP systems a single left click on such a specially prepared picture in Explorer will crash the Explorer. Other programs like Internet Explorer, Outlook, Microsoft Office or many others seem also be affected, so beware for JPEG, JPG, JFI or JFIF, when a Windows machine is not patches against this security flaw.

The demo pic from Gulftech will demonstrate you the problem.

The provided link will take you to a page containing a link to download the zip jpegcompoc.zip containing a specially prepared jpeg picture from Gulftech. If you unpack it, you might test with this picture, if your system is affected by the security hole and how systems react when encountering the problem.

Link provided: http://www.gulftech.org/?node=downloads



Added by: TrafficStatistic Admin

Previous news item - - - Next news item
Impressum
© 2004-2005 MZL Billing Services & Novatech Ltd. All rights reserved.
 Sponsoring Mein Parteibuch