Be aware of infected JPG/JPEGs on websites (windows)

SagaLore

Elite Member
Dec 18, 2001
24,036
21
81
I'm sure you have already heard about the GDI+ JPEG processing buffer exploit. In case you haven't, here is a refresher:

JPEG Vulnerability

I just came across a website with an image that attempted to use this exploit, but my personal firewall (sygate) blocked it. This wasn't something I got in an email, it actually was a legitimate website I visited, and I have already sent them an email about it.

Why this has such a big impact on you:

html rendered emails (whether from friends or spam)
websites
ads in p2p programs
adware / popup ads
google cached images (unless they're filtering for this?)
pic upload servers (like bbzzdd)

I hypothesized in my article a jpeg virus that could actually infect other jpegs. Make sure your antivirus and personal firewalls are up to date!

FYI This isn't just a Windows problem. Patches were recently released for a buffer expoit in PNG processing on Linux machines:

Latest Linux Vulnerabilities