|
|
Thursday, September 30, 2004
|
Instant messaging worm exploits JPEG flaw
|
|
You are sending an email that contains the article
and a private message for your recipient(s). |
| Your Name: |
|
| Your e-mail: |
* Required! |
| Recipient (e-mail): |
* |
| Subject: |
* |
| Introductory Message: |
|
HTML/Text
(Photo: Yes/No) |
(At the moment, only Text is allowed...)
|
| |
|
| Message Text: |
Security experts have spotted the first attempts to create an Internet worm that propagates using instant messages and exploits a recently disclosed flaw in Microsoft software.
Researchers at The SANS Institute's Internet Storm Center (ISC) have had two reports of users receiving messages on America Online's AOL Instant Messenger service that lured them to Web sites containing malicious code, said Johannes Ullrich, chief technology officer at SANS ISC, in an interview on Wednesday. The messages told the users to "Check out my profile, click GET INFO!"
When visiting the Web sites, the malicious code would attempt to install "backdoor" software on the user's PC that gives remote attackers total control over the machine. Additionally, messages containing a link to the site would be sent out to all contacts on the victim's instant messenger contacts list, Ullrich said.
The malicious code is embedded in a JPEG image and exploits a security flaw in the way many Microsoft applications process such images. Microsoft identified and patched the flaw on Sept. 14, but users have complained that patching is onerous because several applications, including Office and Windows, require separate patches. |
|
|
|
|