Tuesday, October 05, 2004

Picture this: Viruses in photos coming to a PC near you

By DWIGHT SILVERMAN
Copyright 2004 Houston Chronicle

Beware: the creators of viruses, trojans and other evil computer programs have a new toy.

There's a good chance their joy will be your misery, unless you've done the right thing and kept your Windows-based system up to date and know better than to click on unexpected attachments.

But even the techno-vigilant may be lulled this time, because this new threat comes from something previously considered safe — digital image files. Suddenly, those adorable photos of your high school buddy's new baby could convey a lot more than just warm fuzzies.

In mid-September, Microsoft warned that a bug in the way many of its programs display JPEG graphics files could allow a hacker to take control of a computer. The company issued patches, making them available through its automated Windows Update system. It also noted that those who'd installed Service Pack 2 for Windows XP are not affected.

The list of affected Microsoft products is quite long and includes Windows XP (both 32- and 64-bit versions), Windows Server 2003, Office 2002 and 2003, and even many versions of the photo-editing software the company sells, such as PictureIt and Digital Image Pro.

You can see the complete list, and get the various patches for them, at www.microsoft.com/technet/security/bulletin/MS04-028.mspx.

What makes this particularly alarming is that JPEG files — usually identified on Windows systems with a .JPG extension — have always been considered safe. JPEG is the most-used file format for saving digital images. It is used by most digital cameras, and most images you see on Web sites are JPEG files.

As a result, even users who know better than to open unexpected e-mail attachments don't think twice about clicking on picture files.

Given this behavior and the right conditions — a well-designed virus and a slew of unpatched Windows systems — the potential exists for a serious digital epidemic.

There are already signs of the coming apocalypse.

Within a couple of weeks of the flaw's announcement, antivirus experts began to see test code and then some JPEG images that took advantage of it. First, files were spotted in Usenet, the collection of thousands of discussion forums. Later, an AOL Instant message alert invited users to click on the sender's profile, which then directed them to a tainted image file.

And Finjan, a San Jose, Calif.-based maker of antivirus software, reported it was also possible to place virus-laden JPEG files on a Web page, thereby infecting unprotected users who viewed it.

At this writing, the Big Kahuna of JPEG viruses has not yet struck, but it's just a matter of time.

An effective attack using JPEG files could blend several strategies, including spoofing the "From:" address so recipients can't tell where it originated. That means any file with a .JPG extension that shows up in e-mail becomes suspect, making the great cyber-pastime of sharing photos a dangerous exercise.

What can you do to protect yourself? Windows XP users who have not already done so should install Service Pack 2 (see www.chron.com/sp2). All Windows users should check the previously mentioned Microsoft site to see if any of the affected products are on your machine, and patch them accordingly.

In theory, if every Windows machine was upgraded and patched, even a well-designed JPEG virus wouldn't get far. It's hard for an infection to spread when the entire population's inoculated.

But that's not going to happen. Computer users don't patch and/or upgrade for a variety of reasons, ranging from the sheer cluelessness of many home users to the cautiousness of businesses that rigorously test upgrades before deploying them.

Your best defense is to behave intelligently. Don't blindly click on every Web address sent to you in an e-mail or an instant message. If you receive an e-mail from someone who normally doesn't send you "this site is cool" invitations, reply first and ask if that person really sent the link.

And don't automatically open image files you weren't expecting, even if they come from someone you know.

If you're tired of constantly being bombarded by malicious code that takes advantage of flaws in Windows, you might consider switching to another kind of computer, such as a Macintosh or one that runs the Linux operating system.

Next week I'll show you some easy ways to test-drive Linux on your current machine, without even having to install it on your hard drive.

dwight.silverman@chron.com / www.dwightsilverman.com
HoustonChronicle.com - Computing

0 Comments:

Post a Comment

<< Home

Who links to me?