Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Trojan Horse implants back door in Windows pc's

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

September 29, 2004

Internet observers say they've spotted infected images that could implant a back door into a Windows computer if they are viewed. EasyNews, a provider of Usenet newsgroups, said it has identified two JPEG images that take advantage of a previously identified flaw in the way Microsoft software handles graphics files.

Windows users could have their computers infected merely by opening one of those Trojan horse images.

The report of the widely expected exploit comes less than a week after sample code appeared that demonstrated how to take advantage of Microsoft's programming error. Some security researchers worry that the ubiquity of JPEG images provides an unprecedented opportunity to spread malicious code through file-trading networks, the Web or spamming.

But the Trojan horse images may not be as threatening as a more sophisticated version of the exploit could be.

"These JPEGs did not replicate, so this is not a virus," antivirus software company F-Secure stated in its Weblog. "Apparently they tried to use these JPEGs to download Trojan (horse programs) to vulnerable computers, but the download sites should be down by now."

Get the best Linux or Windows Web hosting plan for your website.
Get the lowest rate and the best tech support on any Linux or Windows hosting plan. Learn more by clicking here.

Windows' Graphic Device Interface Plus (GDI+) software contains a JPEG-processing vulnerability that affects dozens of Microsoft products, including the Office suite. Windows XP and Windows Server versions are vulnerable unless a Microsoft patch has been installed in the last few weeks or, in the case of XP, if the systems have been upgraded to Service Pack 2.

Other Windows versions may be at risk depending on what applications are installed. The issue does not affect non-Microsoft operating systems such as Linux and Mac OS X.

Developers at Santa Monica, Calif.-based EasyNews created a short program to scan JPEG files flowing through their system for identifying features of the GDI+ exploit.

"It paged my cell phone at 6:47pm PDT on 9/26/2004 for the first hit, and 7:52pm PDT on 9/26/2004 for the second hit," one of the developers wrote in a Web posting.

Mike Minor, EasyNews' chief technology officer, said he had been monitoring the Usenet feed for 36 hours before discovering an infected image. "We couldn't find any other trace of any other posts from that IP address," Minor said. EasyNews has not spotted any infected JPEGs since the two it identified late Sunday.

Once the Trojan horse is activated by viewing the image, it connects to an FTP (File Transfer Protocol) site and downloads software that installs a back door in the infected Windows machine.

Source: C-Net News

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

Back to the top of the page.         

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet 2003    Terms of use    Privacy agreement    Legal disclaimer