See image, get hax

There’s a new, very bad Windows flaw:

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

Yes, that’s right, merely viewing an infected image can open up your machine to hackers.

No need to say what could be said about Microsoft. If you use Windows, stay frosty and be careful of what you click on (as you should anyway). Meanwhile, I’ll click whatever I darn well please with wanton abandon.

UPDATE: Be sure to read Soini’s informative comment.

4 thoughts on “See image, get hax”

  1. darn your mac, and darn you!

    You should make a virus that just says, “Macs Rule” or something equally stupid floating around on their screen when the person accesses your blog. That’d teach us.

  2. I should add two things:

    1) There is no real patch for this problem and it affects EVERY version of windows. Microsoft won’t release a patch until next week at the earliest which is why so many people are up in arms. However there is a 3rd party mod to fix this problem for XP but it’s not something many IT folks would use.

    2) Users with the latest AMD64 and Intel chips with NX (No-Execute) bit are safe from this, so at least the hardware makers are trying to make up for MS’s piss-poor security.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s