Country Living
Country Living, Country Skills
Country People

KountryLife.com - A Country Living Resource and Community
Community
Message Board
Country Topics
Trading Post
Memory Lane
Country Skills
Country Cooking

Channels
Gardening
Livestock
The Kitchen
Machinery
Tools

Photographs
Photo Gallery
Vintage Photos
Special Collections

Fun
Country Humor
Country Sounds
Coloring Book
Interactive Story

Farm Tractors
Pictures
Tractor Parts
Tractor Manuals

Miscellaneous
Classic Trucks
Antique Tractors
Modern Tractors
Site Map
Links Page
Contact Us

  
Country Discussion Topics
To add your comments to this topic, click on one of the 'Reply' links below.

JPG Hole in Microsoft Products
[Return to Topics]

Peanut    Posted 09-28-2004 at 07:34:24       [Reply]  [No Email]
Just in case you are interested in patching your computers, here is an explanation of the latest vulnerability for Microsoft. I swiped this story off another site but it explains it very well.
--------------------------------------
Web watchers issued dire warnings over the weekend and urged PC users to repair the flawed programs immediately after JPGDown.a, also known as JPGDownloader, appeared soon after Microsoft posted patches on its Web site.

Typically, it takes about six days after Microsoft announces a product flaw for virus writers to develop customized codes to exploit it. But JPEGs historically have posed little security risk, and many people have yet to install the patches. Those factors combined greatly expand the threat potential, encouraging hackers to move quickly.

The flaws in question affect Microsoft programs that handle JPEG-formatted image files - files with a ".jpg" extension after their name. Opening a malformed JPEG subsequently opens a program hole through which virus writers can inject malicious code.

"If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges," Microsoft said in a statement.

Not just any malformed JPEG does this; only JPEGs specifically modified with the tool trigger the flaws, and users must first open the files with either Microsoft's Internet Explorer Web browser or Outlook e-mail program. The JPEGs typically come attached to unsolicited e-mail or lurk in Web pages that the unscrupulous lure the unsuspecting into visiting.

Alarms of a comprehensive Web-wide attack began sounding online early Saturday, popping up atop a variety of industry trade journals and Web logs, urging PC users to update their Windows operating systems and Office productivity software without delay.

Although the operating systems by themselves aren't at risk, they're made vulnerable by running any of the flawed programs.

Those programs include Microsoft Office XP and 2003, Digital Image Pro, all versions of Picture It!, and Visual Studio.NET 2003 and 2002. Only Windows XP Service Pack 2 isn't affected
--------------------------------------

Here is the link to get the MS patches.


Dave Munson    Posted 09-28-2004 at 16:26:17       [Reply]  [No Email]
Hummm. Windows 98 is not affected.

A guy at work asked me why I have not switched to xp yet. Actually, I have been thinking about it since they have the second service pack out.

I suppose I will wait another year to see if they finish fixing xp.


Clod    Posted 09-28-2004 at 10:40:29       [Reply]  [No Email]
Thanks for te info Peanut. if I get my other PC with Linux Redhat to dial out .I will test it a few days.I may put a load of some type of Linux in this one..The big fix for XP is a 7 hour download on modem.I leave mine on all night to do that but it kicks off before the complete load. As much money as MS pulls in you would think they could put out a quality product.


Peanut    Posted 09-28-2004 at 10:55:44       [Reply]  [No Email]
PS - You'll need to fire up Internet Explorer to download these patches. The stupid Microsoft website requires IE to be running ... it doesn't like Firefox.


Clod    Posted 09-28-2004 at 11:16:39       [Reply]  [No Email]
Yes,, I noticed MS dont like Foxfire,Im afraid to leave Explorer on much.But no choices are available.Ill try for the patch and sneek back and pull the plug.Its work time.Note at top...... I will add.


[Return to Topics]



[Home] [Search]

Copyright © 1999-2013 KountryLife.com
All Rights Reserved
A Country Living Resource and Community