Could someone please explain what this Microsoft GDIPlus.DLL JPEG Vulnerability is?
It is the most serious exploit ever discovered that viruses can use.
Specifically, it allows viruses to spread in JPEG files, something nobody previously thought possible. Fortunately, it only can work on unpatched computers. But most computers are unpatched, and patching them can range from easy to difficult to impossible, depending on the circumstances.
Are all JPEG's vulnerable or just some with a bad format?
Only JPEG files that are created maliciously are a problem. But there have already been some sent out.
The company I work for does a lot of graphics work and people email jpegs around. A few have been caught and I'm trying to understand why. I'm assuming (yes I shouldn't do that) that more are sent then are caught.
That's because Microsoft screwed up, and gave out an algorithm for detecting the exploit that has false positives. We plan to have full JPEG analysis soon, to work around this (with absolutely no code from Microsoft in it <G>).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
