Version: 2008
  • On GameFAQs: Is it OK to lay my Wii down on its side?
advertisementGet Smart about Business Spending

Comments on: JPEG exploit could beat antivirus software

Security experts say attacks using image files could bypass established defenses.

Add a Comment (Log in or register) (18 Comments)
  • prev
  • 1
  • next
M/S Malware Assistance
by September 29, 2004 9:02 AM PDT
One aspect of this story that has not gotten any attention that I?ve seen is that Microsoft sells a discounted version of the most popular portion of their MS-Office suite to Teachers and Students. There are two catches to the discounted price: 1) it?s not the full suite and 2) the ability to upgrade or update is removed. This would all be quite reasonable except for the fact that security fixes as described in this article cannot be applied either. In this sense, Microsoft is aiding the virus spreaders by selling current software to legions of students and teachers who are unable (by design) to patch the security holes.
Reply to this comment
Please check your facts?
by C.Schroeder September 29, 2004 9:26 AM PDT
I have the academic version of Office 2000, and I have been able to install its service packs and critical updates. The Office Update client works just fine with it. What you don't get is support (you have to pay up front to file a support issue) and there is no discount to upgrade to a new version (e.g. Office XP).

Curt
View reply
M/S Malware Assistance
by September 29, 2004 9:02 AM PDT
One aspect of this story that has not gotten any attention that I?ve seen is that Microsoft sells a discounted version of the most popular portion of their MS-Office suite to Teachers and Students. There are two catches to the discounted price: 1) it?s not the full suite and 2) the ability to upgrade or update is removed. This would all be quite reasonable except for the fact that security fixes as described in this article cannot be applied either. In this sense, Microsoft is aiding the virus spreaders by selling current software to legions of students and teachers who are unable (by design) to patch the security holes.
Reply to this comment
Please check your facts?
by C.Schroeder September 29, 2004 9:26 AM PDT
I have the academic version of Office 2000, and I have been able to install its service packs and critical updates. The Office Update client works just fine with it. What you don't get is support (you have to pay up front to file a support issue) and there is no discount to upgrade to a new version (e.g. Office XP).

Curt
View reply
Why does the file extenstion matter?
by C.Schroeder September 29, 2004 9:18 AM PDT
"Normal antivirus software by default will not detect JPEGs," Hypponen said. "You can set your antivirus scanner to look for JPEG, but the trouble is that you can change the file extension on a JPEG to so many things."

I don't get it. Recommended security policy for more than two years has been to scan ALL files, period, to foil attacks that depend on alternate extensions. Why is this not the default for all current antivirus software?! The modern PC has more than enough horsepower to spare for this. Not scanning all files probably shouldn't even be an option anymore.

Curt
Reply to this comment
Because...
by TimeBomb September 29, 2004 1:56 PM PDT
* Not everyone has a PC that was built 10 minutes ago. Are you rich? Sorry, not everyone is.

* Not all modern anti-virus software is configured by default to scan all extensions. It may even be true that most do not.

* More than enough horsepower? Scanning ALL files slows any system down VERY significantly. There is a great deal of overhead, disk, processor, and otherwise. It's not a non-issue as you suggest.

* Anyone concerned should dump the yellow box and switch to Kaspersky Anti-Virus.
View reply
Why does the file extenstion matter?
by C.Schroeder September 29, 2004 9:18 AM PDT
"Normal antivirus software by default will not detect JPEGs," Hypponen said. "You can set your antivirus scanner to look for JPEG, but the trouble is that you can change the file extension on a JPEG to so many things."

I don't get it. Recommended security policy for more than two years has been to scan ALL files, period, to foil attacks that depend on alternate extensions. Why is this not the default for all current antivirus software?! The modern PC has more than enough horsepower to spare for this. Not scanning all files probably shouldn't even be an option anymore.

Curt
Reply to this comment
Because...
by TimeBomb September 29, 2004 1:56 PM PDT
* Not everyone has a PC that was built 10 minutes ago. Are you rich? Sorry, not everyone is.

* Not all modern anti-virus software is configured by default to scan all extensions. It may even be true that most do not.

* More than enough horsepower? Scanning ALL files slows any system down VERY significantly. There is a great deal of overhead, disk, processor, and otherwise. It's not a non-issue as you suggest.

* Anyone concerned should dump the yellow box and switch to Kaspersky Anti-Virus.
View reply
What?
by ajbright September 29, 2004 10:27 AM PDT
What idiot wrote this article? If antivirus software only scanned files with a .exe file extension then they'd be of absolutely no use to anyone.

Jpeg files are not exactly alone in having more than one possible file extension. And when it comes to viruses, the file extension is irrelevant. In other words exes could be given any filename - including no extension at all - and still execute.

So to suggest that antivirus software will come unstuck just because you can rename a .jpg to a .ico is stupid to say the least.

It seems to me that these days there is a massive effort to over-sensationalize any story that has anything to do with PC security.

The worst part is that this is supposed to have come from a technical website. Clearly they are interviewing people with absolutely no background in computer security and using these peoples uneducated musings as the basis of their stories.
Reply to this comment
What?
by ajbright September 29, 2004 10:27 AM PDT
What idiot wrote this article? If antivirus software only scanned files with a .exe file extension then they'd be of absolutely no use to anyone.

Jpeg files are not exactly alone in having more than one possible file extension. And when it comes to viruses, the file extension is irrelevant. In other words exes could be given any filename - including no extension at all - and still execute.

So to suggest that antivirus software will come unstuck just because you can rename a .jpg to a .ico is stupid to say the least.

It seems to me that these days there is a massive effort to over-sensationalize any story that has anything to do with PC security.

The worst part is that this is supposed to have come from a technical website. Clearly they are interviewing people with absolutely no background in computer security and using these peoples uneducated musings as the basis of their stories.
Reply to this comment
A picture is worth a thousand worms!!!!!!!!!!!!
by October 6, 2004 6:33 PM PDT
!!!!!!!
Reply to this comment
A picture is worth a thousand worms!!!!!!!!!!!!
by October 6, 2004 6:33 PM PDT
!!!!!!!
Reply to this comment
(18 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET