Possible JPEG virus?

[FrankDrebin]

Software bug raises spectre of 'JPEG of death'

16:14 15 September 04 NewScientist.com news service

Flawed software code used by numerous Microsoft applications to render images mean that a specially constructed image file could hijack a computer or spread a virus.

Ten years ago the idea of an image infecting a computer was the subject of a hoax email. But what was once a myth is now a genuine threat after Microsoft disclosed a flaw in the image processing code used in a range of its software programs on Tuesday.

Some experts blame the new threat on shoddy programming. "In a properly coded world, a graphic should not be able to infect your computer," says Graham Cluley, senior researcher with the UK-based anti-virus firm Sophos. "It should be impossible."

So far, no one is known to have exploited the flaw and Cluley says it is far from certain anyone will develop a computer virus based on it. But code designed to exploit the bug could appear on the internet soon, and this is often the first step towards the creation of a hacking tool or virus based on the flaw.


Crafty programmer

A number of Microsoft operating systems and applications contain the relevant bug, including Windows XP, Windows Server 2003 and Office XP, as well as many smaller applications. Microsoft has released downloadable fixes for affected software, available from the Microsoft TechNet site here.

The affected code has a so-called "buffer overrun" flaw. The buffer is a protected part of the computer memory, but flaws can mean that excessive input data can overrun into unprotected parts of a memory. A crafty programmer can use such a flaw to execute unauthorised code on a computer, potentially providing themselves with a point of entry in order to take complete control.

The hoax email message released in 1994 warned of a JPEG virus that could have severe consequences for the unlucky recipient.

"If you use a 386/486/Pentium machine to display your JPEG pictures, then you are at risk of catching the JPEG virus," the message read. "Although the JPEG virus is nominally benign, it can cause some multisync monitors to malfunction, effectively destroying the monitor."

A virus based on the new software flaw should not be able to damage a victim's monitor, but Rob Rosenberg, editor of the debunking site Vmyths.com, notes that the hoax could come back to haunt people.

"In '94 it was a myth, but in '04 it's the real thing," he told the computer security web site SecurityFocus. "We've got the JPEG of death now."


http://www.newscientist.com/news/news.jsp?id=ns99996408

[pajerokid]

ewan ko lang kung pano nila lalagyan ng virus yung jpg..... wala naman code dun e....

[notEworthy27]

may code ang jpeg. its not really in the picture but in the format your saving in. jpeg is a compression format that is recognized by our computers. with comparison to gif's, gif's not only displays pictures in compressed format but also contains a code that is recognized by our browsers to display its animation or switching pictures. i've read this before and its not far from true. kaya mag-ingat ingat na sa mga mahlig mag download ng p* hehe :D

[FrankDrebin]

Low-Level Programming?

[notEworthy27]

im not really sure. if you have tried creating websites or html pages may code ang jpeg and gif in html. im not sure if on low level languages like basic and c+ meron. siguro lang hehe

[router]

if there was no computer that follows commands (computer code) there's no such thing as a computer virus....

it is not the code (software) that made a computer virus a "VIRUS" but it is the one interpreting the code....

this explains why MSWORD, M***CEL and other office applications have MACRO viruses because microsoft gave those applications the ability to interpret MACRO code. The intention was good with great possibilites... but then again every innovation has the tendency to be exploited and abused. (there was a time when a document infecting other documents was just a hoax)

this is why a JPEG virus is POSSIBLE and indeed IS HAPPENING.... the JPEG FILE itself is not the culprit... a JPEG file is a PICTURE file... it is the one interpreting the file that could make it dangerous... that's why as you can see from the text above... it is emphasized that those applications that renders the picture file are the ones FLAWED....

ex.

====start of virus code=======
main prog(){
if (you are reading this){
i'll infect your computer
}
}

====end of virus code =======


what you saw above can be a virus code... but it is not a real virus because it did not really infect your computer... for now it is just a sequence of characters or simply TEXT that you can read.... but what if one day a software application such as this forum interprets and is able to execute the code....THEN it becomes a virus.....


......just a thought.... nice to share ideas....

[SunTzu]

you should update ur patch here:

http://www.microsoft.com/technet/sec.../MS04-028.mspx

[niky]

It's already possible... forum boards are getting too complex, IMHO... some can already execute videos and sound files. And since most forums require you to allow popups for normal service... the possibility of a hacked board infecting your computer doesn't seem so remote anymore.