Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA04-258A -- Vulnerability in Microsoft Ima

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA04-258A -- Vulnerability in Microsoft Image Processing Component
Date: Tue, 14 Sep 2004 19:19:10 -0400 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                        Cyber Security Alert SA04-258A
            Vulnerability in Microsoft Image Processing Component

   Original release date: September 14, 2004
   Last revised: --
   Source: US-CERT

Systems Affected

  * Applications that process JPEG images on Microsoft Windows,
    including but not limited to

     * Internet Explorer
     * Microsoft Office
     * Microsoft Visual Studio
     * Picture It!
     * Applications from other vendors besides Microsoft

Overview

     An attacker may be able to gain control of your computer by taking
     advantage of the way some programs process the JPEG image format.

Solution

  Apply a patch

     Microsoft has issued updates to address the problem. Obtain the
     appropriate update from Windows Update and from Office Update.

     Note: You may need to install multiple patches depending what
     software you have on your computer.

  Use caution with email attachments

     Never open unexpected email attachments. Before opening an
     attachment, save it to a disk and scan it with anti-virus software.
     Make sure to turn off the option to automatically download
     attachments.

  View email messages in plain text

     Email programs like Outlook and Outlook Express interpret HTML code
     the same way that Internet Explorer does. Attackers may be able to
     take advantage of that by sending malicious HTML-formatted email
     messages.

  Maintain updated anti-virus software

     It is important that you use anti-virus software and keep it up to
     date. Most anti-virus software vendors frequently release updated
     information, tools, or virus databases to help detect and recover
     from virus infections. Many anti-virus packages support automatic
     updates of virus definitions. US-CERT recommends using these
     automatic updates when possible.

Description

     Microsoft Windows Graphics Device Interface (GDI+) is used to
     display information on screens and printers, including JPEG image
     files. An attacker could execute arbitrary code on a vulnerable
     system if the user opens a malicious JPEG file via applications
     such as a web browser, email program, internet chat program, or via
     email attachment. Any application that uses GDI+ to process JPEG
     image files is vulnerable to this type of attack. This
     vulnerability also affects products from companies other than
     Microsoft.

References

     * September 2004 Security Update for JPEG Processing (GDI+) -
       <http://www.microsoft.com/security/bulletins/200409_jpeg.mspx>
     * US-CERT Vulnerability Note VU#297462 -
       <http://www.kb.cert.org/vuls/id/297462>
   _________________________________________________________________
     
   Author: Mindi McDowell. Feedback can be directed to US-CERT, at
   "US-CERT Security Alerts" at <mailto:cert@cert.org>. Please include
   the Subject line "SA04-258A Feedback VU#297462".
   _________________________________________________________________   
     
   Copyright 2004 Carnegie Mellon University.
     
   Terms of use: <http://www.us-cert.gov/legal.html>
     
   This document is available from
     
   <http://www.us-cert.gov/cas/alerts/SA04-258A.html>
     
   Revision History
     
      September 14, 2004: Initial release
     

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBR3B1XlvNRxAkFWARAtRbAJ9FRO0XqiiEMNjjwGoTBpox2wJqWgCg1YzJ
8JEt8xDHp6Gm5LXjI8y0uOU=
=ehyf
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA04-258A -- Vulnerability in Microsoft Image Processing Component, US-CERT Alerts <=
Previous by Date:  US-CERT Cyber Security Alert -- New US-CERT PGP Key, US-CERT Alerts
Next by Date:  US-CERT Cyber Security Alert SA04-261A -- Multiple vulnerabilities in Mozilla products, US-CERT Alerts
Previous by Thread:  US-CERT Cyber Security Alert -- New US-CERT PGP Key, US-CERT Alerts
Next by Thread:  US-CERT Cyber Security Alert SA04-261A -- Multiple vulnerabilities in Mozilla products, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]