Post by Cher on Dec 30, 2005 18:28:27 GMT -5
This is from a friend of mine, who's hubby works for the Department of the Interior. I checked the link, and there is sure as heck an advisory. Be careful out there.
A new Microsoft Windows malicious exploit was released yesterday. The vulnerability, when exploited, can give full control of a PC to the exploiter (they can either trash your computer or use it for their own purposes). The vulnerability is with a Windows application file that is used to view graphics. This file is used by Internet Explorer and is often used by 3rd party applications as well.
Because of the nature of this vulnerability, exploit variants can change their "signature" at a very rapid rate (the file signature is what antivirus programs use to detect malicious files. There have been at least 57 variations in the past 48 hours). Therefore it's going to be difficult for Symantec (Norton Antivirus) and our other security applications to keep up with all variations. We are mostly concerned with eMail worms sending the infected images to people via eMail message attachments.
What is vulnerable: All versions of Microsoft Windows since Windows 98 (including Windows 98, Windows ME, Windows 2000, Windows XP, Windows 2003),all service pack and patch levels (to date).
What you can do:
Do not open or preview any graphic files sent to you via eMail unless you know the sender and were expecting the file. If in doubt call the sender and ask them if they meant to send you the file (email worms often fake the sender name by harvesting email addresses from a person's private address book. So just because you know the person that doesn't mean the attachment is safe). The following file extensions are graphic image files that should be suspect: WMF, BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF and ICO. Avoid small or untrusted websites that may be hosting infected images (intentionally or unintentionally). Update your Antivirus program's signatures as often as possible. Microsoft should be releasing a fix within a few days. You should automatically receive the fix if your computer is configured properly for Windows Updates.
You can reference the following sites for additional information:
Microsoft's Technical Advisory -
www.microsoft.com/technet/security/advisory/912840.mspx
Because of the nature of this vulnerability, exploit variants can change their "signature" at a very rapid rate (the file signature is what antivirus programs use to detect malicious files. There have been at least 57 variations in the past 48 hours). Therefore it's going to be difficult for Symantec (Norton Antivirus) and our other security applications to keep up with all variations. We are mostly concerned with eMail worms sending the infected images to people via eMail message attachments.
What is vulnerable: All versions of Microsoft Windows since Windows 98 (including Windows 98, Windows ME, Windows 2000, Windows XP, Windows 2003),all service pack and patch levels (to date).
What you can do:
Do not open or preview any graphic files sent to you via eMail unless you know the sender and were expecting the file. If in doubt call the sender and ask them if they meant to send you the file (email worms often fake the sender name by harvesting email addresses from a person's private address book. So just because you know the person that doesn't mean the attachment is safe). The following file extensions are graphic image files that should be suspect: WMF, BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF and ICO. Avoid small or untrusted websites that may be hosting infected images (intentionally or unintentionally). Update your Antivirus program's signatures as often as possible. Microsoft should be releasing a fix within a few days. You should automatically receive the fix if your computer is configured properly for Windows Updates.
You can reference the following sites for additional information:
Microsoft's Technical Advisory -
www.microsoft.com/technet/security/advisory/912840.mspx
