Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
George V. Hulme
October 1, 2004
1 Min Read
Attackers have posted a malicious JPEG image file that attempts to exploit a critical vulnerability Microsoft disclosed and issued a patch for on Sept. 14 in its MS04-028 security bulletin.
According to postings on the Internet security mailing list Bugtraq and the Easynews Web portal, the infected JPEG file was posted Monday to Internet newsgroups that distribute pornography. Users who download the file could allow attackers to take complete control of their systems. Internet security information group Internet Storm Center issued an advisory saying the malicious file appears to have been developed using one of the many published "exploit kits" that are designed to make it easier to attack the MS04-028 vulnerability.
The center tested the attack-image file on unpatched Windows 2000 and XP SP1 systems running Internet Explorer. It said that while the malicious file managed only to crash Internet Explorer, better attacks are likely on the way. "We suspect that a working exploit is very close to widespread availability," wrote the center's Joshua Wright in the advisory.
Most popular antivirus applications can detect and protect against this attack, and Microsoft is urging users to update their systems with the patch included in its MS04-028 security bulletin.
About the Author(s)
An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.
You May Also Like
Protecting Your Hybrid and Hyperscale Data Centers
*Why DDI? Why it is Important to Integrate DNS, DHCP, and IP Address Management in Your Network
MontanaPBS Shifts to Agile Broadcasting With Help from Raritan KVM Solutions
IT Service Desk Overwhelmed?
2022 Retrospective: The Emergence of the Next Generation of Wi-Fi