September 2004 Security Update for JPEG Processing (GDI+)

It just keeps getting more intense out there in terms of intrusions.  Not sure if this is well known, but wanted to post and get some feedback.  Curious how this type of thing can impact those of us who do imaging and for the many who've gone the Camcorder (digital photography) route and upload to places like PhotoWorks, Snapfish, etc. that are JPEG images.  Very scary.

September 2004 Security Update for JPEG Processing (GDI+)
The GDI+ security update for September 2004 addresses newly discovered issues in JPEG processing technology. This issue affects software that supports this image format, including some versions of Microsoft Windows, Microsoft Office, and Microsoft developer tools. If you have any of the listed software installed on your computer, you should install the related update.

Depending on the software you are using, you may need to install multiple updates from multiple locations.

Source for more here:
http://www.microsoft.com/security/bulletins/200409_jpeg.mspx

Asta
Asta Cu (Author) Commented:
Yup, bad news.  People should move to PDF until more safeguards are out there.
 
blue_zee Commented:

Just wondering...

I'm patched but I receive an e-mail attachment from an unpatched PC... and with the safety/security level of OE...

Damn, that can hurt!
:((

Zee
 
LimeSMJ Commented:
This particular critical update falls into the "buffer overflow -> remote code execution" problem found in unchecked code.  It's a problem with a variety of programs since the pressure to release a new version usually means little or no vulnerability checks (basically, if the program works, then assume there's no problem and release to public).  The bulk of the new security update fixes from Microsoft address many buffer overflow issues with different components of Windows and their integrated applications (such as Internet Explorer).  There is no single way to check a huge program (such as Windows) for buffer overflows in a timely and accurate fashion... this is why Microsoft probably adopted their new safe/secure programming philosophy - where code is routinely checked during development to make sure that it is free of bugs or holes that can be exploited.

Even so, with so many different kinds of computers and the constant influx of new technologies (both software and hardware), there is only one real way to prevent a possible intrusion on your computer... get off the grid.  Without any type of Internet connection, there is little or no threat to your computer or any of your personal information/files - unless for some reason you (or family members) like to hack yourselves.  :)  In fact, buffer overflow exploits, DDoS attacks, SPAM, hacking, intrusions, etc.  would all be moot to a computer that isn't connected to the Internet...

Of course, in reality, getting off the net would make your computer pretty much useless since the bulk of personal computing today is Internet related.  What should you do if an exploit is found with a program (or file) that you use??  Well... just install the patch and keep on truckin'.   Computers are here to stay in spite of all of the cons related to it... it's a tool that can do great things - both good and bad.  For an IT guy like me, it's what keeps me eating and puts a roof over my head.

...as far as this exploit's impacts to you as a user of JPEG images - the patch is rated at critical so it should be immediately installed.  Huge websites such as the ones you mentioned, usually have counter-measures for known exploits (such as the one mentioned) and ones that haven't been found yet - so I wouldn't be too wary of the integrity of any of the files you use.  If anything, keep backups of your important files and update your computer frequently with any patches that are released.

Here's more of what the GDI+ component actually is in a Windows OS : http://www.bobpowell.net/gdiplus_faq.htm
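
An added illustration of the "unchecked code" point in the comment above (not part of the original thread, and not Microsoft's code): a C routine that reads JPEG segment lengths from the file and validates each one before using it. The function name `jpeg_first_comment` and the 64-byte comment limit are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_COMMENT 64  /* assumed destination size for this example */

/* Walk the marker segments of a JPEG held in buf[0..len) and copy the first
 * COM (0xFFFE) comment into out. Returns the comment length, 0 if there is
 * no comment, or -1 if the file is malformed. Every length read from the
 * file is checked before it is used as a size or an offset. */
int jpeg_first_comment(const uint8_t *buf, size_t len, char out[MAX_COMMENT + 1])
{
    size_t pos = 2;
    out[0] = '\0';
    if (len < 2 || buf[0] != 0xFF || buf[1] != 0xD8)   /* must start with SOI */
        return -1;

    while (pos + 4 <= len) {               /* marker (2) + length (2) readable */
        if (buf[pos] != 0xFF)
            return -1;
        uint8_t marker = buf[pos + 1];
        if (marker == 0xD9 || marker == 0xDA)   /* EOI or start of scan: stop */
            return 0;
        /* The 16-bit big-endian length field counts its own two bytes. */
        size_t seg_len = ((size_t)buf[pos + 2] << 8) | buf[pos + 3];
        if (seg_len < 2)                   /* seg_len - 2 would wrap around */
            return -1;
        if (seg_len > len - pos - 2)       /* segment runs past the buffer */
            return -1;
        size_t payload = seg_len - 2;
        if (marker == 0xFE) {
            if (payload > MAX_COMMENT)     /* does not fit the destination */
                return -1;
            memcpy(out, buf + pos + 4, payload);
            out[payload] = '\0';
            return (int)payload;
        }
        pos += 2 + seg_len;                /* skip to the next marker */
    }
    return 0;
}
```

Dropping any one of the three length checks turns a malformed file into an out-of-bounds read or write, which is the class of bug the comment describes.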
 
Asta Cu (Author) Commented:
For real!  I've been filtering all email twice; once at the Yahoo Plus interface service for my DSL ISP provider with all those "safeguards", then again locally.  It's insane!  Talk about being counter-productive.
 
LimeSMJ Commented:
By the way, PDFs aren't immune to exploits: http://www.net-security.org/vuln.php?id=3390
 
Asta Cu (Author) Commented:
Thanks also, LimeSMJ, excellent points!

Zee, for Hotmail Plus/Premium, etc., filters exist and I use them all, including not allowing any images to be opened without my taking steps to open them.  Getting a bit paranoid; used to like the Rich Text Editor and all the bells and whistles, but keep seeing that I need to get out of the cool stuff back into the safety zone.
 
Asta Cu (Author) Commented:
LimeSMJ --  How did you find this?  I've looked for PDF vulnerabilities for some time, you've given me a link to the first.  Are there others you've found?  Drat drat drat.  This has all the making of a bad day!  Wonder why Adobe has not responded, you'd think they'd be on top of this big time!
 
Asta Cu (Author) Commented:
I reported that vulnerability to Adobe about Acrobat Pro V. 6.0 here:
http://www.adobe.com/misc/thanksbug.html
 
Asta Cu (Author) Commented:
Also did a Product Request Feature to Adobe for Acrobat Pro 6.0 to resolve the vulnerabilities.  Hope something comes of it.
 
LimeSMJ Commented:
astaec,

Do a search in Google Groups for "pdf exploits" and you'll see some interesting issues with PDF files... nothing real big but some (like the one I mentioned before) can easily crash a user's computer.  In addition, we are only discussing the PDF file itself here... there are still many issues with several PDF writers (even Adobe Acrobat) that can be exploited to cause computer instability.  In reality, there is no real way that Adobe could fix that particular problem since the issue has to deal with the PDF reader's autofix ability - I guess the only real way to defeat such an exploit is to disable the autofix feature so that the user's computer just closes any corrupted PDF file without trying to repair it.

There are a lot of bored people out there with computers.  Hacks have always been around - it's only now that computing has reached mainstream that people are starting to see them.  I wouldn't lose sleep over these little exploits... unless of course you were like the CTO/CIO of a major financial institution where an intrusion into the servers would be really bad as opposed to someone's personal computer needing a reboot.  :)
 
Asta Cu (Author) Commented:
:0)  Whew!  Thanks, feeling better already.  Checked the google query; mind-boggling results.
 
kitisak Commented:
You should try using GDI Scanner to scan your machine. You will then know which software has a problem. You can find more information at http://www.bleepingcomputer.com/forums/topict3077.html
 
Asta Cu (Author) Commented:
Thanks everyone.
Asta