Code to exploit Microsoft's recently-revealed JPEG-processing security flaw has appeared online, attacks could follow experts warn.
The code was published late last week, only days after Microsoft revealed this "critical" vulnerability and released patches to fix it. Any Windows application that processes JPEG images could be vulnerable. Affected Microsoft software includes Windows and Office products.
So far only "proof-of-concept" code has been published, which can cause a vulnerable Web browser to crash or a PC to freeze. A fully developed exploit would allow an attacker to take control of a victim's computer by remotely opening a command prompt or downloading and running malicious software, one expert said.
Get image conscious
"Typically a proof of concept is a first step towards a full blown exploit," said Johannes Ullrich, chief technology officer at The SANS Institute's Internet Storm Center. "It is an indication that people are playing with it and experimenting to try and get it to work for other purposes, typically to open a remote shell or download and execute code."
Microsoft is aware of the exploit code and is investigating the matter, a company spokeswoman said. "Microsoft’s early investigation of this code indicates that it can cause a computer that does not have (the patches) installed to stop responding, but it does not execute code remotely," she said. The company recommends all users install its recent security patch.
To take advantage of the flaw, an attacker would have to persuade a user to open a specially built image file. The image could be hosted on a Web site, included in an email or Office document or hosted on a local network, Microsoft said.
Microsoft slowly sheds customers
The company's evident security failings are driving many users to dump its clunky software offerings in favour of competing systems, according to USA Today Technology columnist, Kevin Maney.
"People are switching because of the security issue. In Austin, computer consultant Brad Hudelson was once a high-level manager at Dell, the leading maker of Windows PCs. Hudelson says he "gave up after Sasser (virus attacks) last year and replaced all my machines with Apples and Mac OS X," he writes.
"Daryl Forrest is a developer of software for Windows. 'I have moved all non-work-related computing to a new Apple Power Mac G5,' he writes. 'I like Windows XP, but the risks are too high these days. It's sad that it has gotten to this', Maney adds.
Windows easy to break
Microsoft's problems are growing worse, not better: Reuters yesterday reported that viruses attacking Windows systems rose 400 per cent between January and June, year-on-year.
Anti-virus specialist, Symantec, reports that nearly 5,000 new Windows viruses and worms were documented in the first half of 2004, Reuters adds.
The report claims computer hackers are working to infect Windows machines, only to sell details of their newly-created zombie Windows PCs to spammers, who then use these to distribute unsolicited emails globally.
Joris Evers contributed to this report