“Image of Death” threat not over – claim
INTERNET BUSINESS NEWS-(C)1995-2004 M2 COMMUNICATIONS LTD
Managed web security solutions provider Scansafe has warned enterprises that the threat posed by the Microsoft Exploit-MS04-028, also known as “Image of Death”, has not yet passed.
The “Image of Death” is a buffer overflow that allows an attacker to create a JPEG file that takes control of a user’s PC when viewed on a website. According to the company, since the update, ScanSafe has stopped numerous JPEG files identified as containing Exploit-MS04-028, which could potentially execute malicious code or result in a machine crash.
ScanSafe warns that users of certain gateway HTTP AV scanners may still be vulnerable to the exploit, as many of scanners do not inspect image files by default. In these cases the users must follow vendor instructions to update the scanning rules.
((Comments on this story may be sent to firstname.lastname@example.org))
COPYRIGHT 2004 M2 Communications Ltd.
COPYRIGHT 2004 Gale Group