Author |
Message |
Reepicheep
| Posted on Tuesday, September 28, 2004 - 08:12 am: |
|
Here is a site with good information: http://www.easynews.com/virus.html Basically, there is a virus out that can infect your system just by viewing a jpeg. From the page above, they indicate you can check to see if you have been infected by this virus. Look for a directory named c:\windows\system32\system\ that has nvsvc.exe and winrun.exe in it. This is probably just one of many viruses that will attack this issue. Microsoft has patches out to fix some vulnerable DLLs, but other vendors everywhere have vulnerabilities included as a result of Microsoft's original software development platform, so it can be a real bear to know if you are patched or not. More news as I get it... |
Xb9er
| Posted on Tuesday, September 28, 2004 - 09:01 am: |
|
Graphics image virus scares/hoaxes have come out periodically over the years. Before you get everyone in a panic, have you made absolutely sure this is for real? Mike. |
Henrik
| Posted on Tuesday, September 28, 2004 - 09:17 am: |
|
Reep knows of what he speaks. Keep your guard up. Henrik |
Chainsaw
| Posted on Tuesday, September 28, 2004 - 09:27 am: |
|
*cough*buyamachintosh*cough*
|
Darthane
| Posted on Tuesday, September 28, 2004 - 09:28 am: |
|
Ahh...to be free of Microsoft. |
Henrik
| Posted on Tuesday, September 28, 2004 - 09:34 am: |
|
Mac forever - Life's too short for Windoze Henrik |
Reepicheep
| Posted on Tuesday, September 28, 2004 - 09:43 am: |
|
XB9r, you are absolutely right, it has been a theoretical threat since at least 1991 (first time I heard of it). Lots of false alarms as well. It has been kind of the holy grail for malware authors for a decade, but never realized. Much to my dismay, it is now absolutely true. And worse than that, it's not "just an explorer bug that needs a patch", but a flaw with a Microsoft supplied development DLL that is redistributed with a boatload of products, and co-exists in parallel in a bunch of places on your machine. Microsoft patches fix the ones they own (Microsoft products), but they can't patch what they don't know about, and a boatload of programs use this library. Here is an authoritative source: http://isc.sans.org/ They don't get any more authoritative than that... Install the Microsoft patches, and make sure your antivirus definitions are up to date (daily at a minimum until this blows over). Don't open suspicious jpegs you get in the mail. |
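Added example, not part of the thread or any poster's message: the post above describes one library shipped in parallel copies by many products, so an inventory of every copy on disk shows which ones the OS vendor's patch did not reach. The thread does not name the library, so the file name, the `Example.DLL` demo tree and the reference hash are constructed assumptions.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """Hash a file in chunks so large DLLs do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_copies(root, dll_name):
    """Return {path: sha256} for every file under root named dll_name (case-insensitive)."""
    wanted = dll_name.lower()
    copies = {}
    for folder, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if name.lower() == wanted:
                path = os.path.join(folder, name)
                try:
                    copies[path] = sha256_of(path)
                except OSError:
                    copies[path] = None  # unreadable copy: report it, do not skip it
    return copies


def unpatched_copies(copies, patched_hashes):
    """Copies whose hash is not in the set of known-patched builds, sorted by path."""
    return sorted(p for p, h in copies.items() if h not in patched_hashes)


def build_demo_tree(root):
    """Constructed sample: three product folders, each shipping its own copy."""
    layout = {"OS/system32": b"patched build", "VendorA/bin": b"old build",
              "VendorB/lib": b"patched build"}
    for sub, content in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        with open(os.path.join(root, sub, "Example.DLL"), "wb") as handle:
            handle.write(content)
    return hashlib.sha256(b"patched build").hexdigest()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        good = build_demo_tree(tmp)
        for path in unpatched_copies(find_copies(tmp, "example.dll"), {good}):
            print("needs vendor update:", path)
```

On a real machine, point `find_copies` at the drive root and take the reference hashes from a copy you have confirmed is the patched build.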
Phillyblast
| Posted on Tuesday, September 28, 2004 - 10:01 am: |
|
We block all attachments at work, including jpegs. People always complain, saying "but they're just jpegs". Now they know why. Oh, and (cough)buy a mac(cough) |
Glitch
| Posted on Tuesday, September 28, 2004 - 10:12 am: |
|
Windows is the bane of my existence. At home I'm free, as in free speech, not free as in free beer...
|
Jlnance
| Posted on Tuesday, September 28, 2004 - 10:45 am: |
|
Oh what a great excuse for a plug. You might want to check out the Firefox browser, which you can download for free from www.mozilla.org. I would be most pleased if you like it, as I helped write it. I suspect it not to be vulnerable to this virus, though I cannot be absolutely certain of that as I do not run Windows. Jim PS: Glitch 0.12 was my first kernel |
Glitch
| Posted on Tuesday, September 28, 2004 - 10:47 am: |
|
And FireFox RuleZ! |
Maverick9s
| Posted on Tuesday, September 28, 2004 - 11:01 am: |
|
Question. Can anyone tell me why they sell virus protection software for Macs? |
Midknyte
| Posted on Tuesday, September 28, 2004 - 11:04 am: |
|
As I understand it though, you must already be infected with another component and the corrupted jpeg acts as a trigger. Or has this one advanced past this to carry the full payload in the image? |
Henrik
| Posted on Tuesday, September 28, 2004 - 11:06 am: |
|
Can anyone tell me why they sell virus protection software for Macs Because bad things happen, even to good people Henrik |
Bigdaddy
| Posted on Tuesday, September 28, 2004 - 11:07 am: |
|
Hey Jim -- great product. It's widely used in your neighborhood too :-) Firefox has become a 'MUST' in some security circles -- especially RTP, Creekstone, Miami Blvd. If you want a real OS, for nearly all HW platforms, FreeBSD will set you free. |
Stealthxb
| Posted on Tuesday, September 28, 2004 - 11:37 am: |
|
Jlnance... FireFox Rocks!!!
|
Reepicheep
| Posted on Tuesday, September 28, 2004 - 11:40 am: |
|
Ditto, Firefox has been my daily driver for a long time now. Excellent work! Maverick... antivirus for Macs is important because there is a chance that someday there may actually be enough Mac users to actually bother writing a virus to infect *ducking*... Midnyte... this is a new one. The whole payload is in the image... it executes, and as a result will go to an FTP site and then download the rest of the rootkit. I don't think the one spotted this morning will go out on your system and infect other jpegs, but it's pretty early to tell, and more variations will be forthcoming. |
Mbsween
| Posted on Tuesday, September 28, 2004 - 12:53 pm: |
|
Glitch, ever take a look at Gentoo? Ultimate control over your OS..... http://www.gentoo.org Although any Linux is better than windoze |
Glitch
| Posted on Tuesday, September 28, 2004 - 01:02 pm: |
|
ever take a look at Gentoo? Just now. Thanks for the link. Virus writers, all that energy going in the wrong direction. |
Josh_
| Posted on Tuesday, September 28, 2004 - 01:11 pm: |
|
Security Alert, September 28, 2004 Multiple Vulnerabilities in Mozilla-based Web Browsers Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox, and Mozilla Thunderbird, the most severe of which could compromise a system. The vulnerabilities (discovered by Georgi Guninski, Wladimir Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola, Andrew Schultz, and Harald Milz) include a long list of problems--too many to list in this security alert! The Mozilla organization recommends that affected users immediately upgrade to the latest release of software. |
99buellx1
| Posted on Tuesday, September 28, 2004 - 02:12 pm: |
|
Josh_ Got a link for that excerpt? Craig |
Josh_
| Posted on Tuesday, September 28, 2004 - 02:37 pm: |
|
Don't know if it works for non-subscribers but: http://www.windowsitpro.com/article/articleid/43991/43991.html |
Kevyn
| Posted on Tuesday, September 28, 2004 - 03:53 pm: |
|
I was tagged by a virus that disabled my IE but thanks to Mozilla FireFox I'm still chuggin' along...and I think the virus was a jpeg infection...caught by Norton but not before the port damage was achieved. P.S. I'm not IT educated and just barely know what I'm talking about. |
Reepicheep
| Posted on Tuesday, September 28, 2004 - 04:02 pm: |
|
The jpeg exploit just started hitting this morning. I doubt that's what popped your box, there is no shortage of other vulnerabilities on the Windows platform... |
|