PNG image exploit code targets Windows Media Player and MSN
Messenger
Microsoft issued security patches and advice about the problem on 8 February 2005.
Malicious exploit code has been published on the internet,
taking advantage of a critical security hole in Microsoft's Windows
Media Player and MSN Messenger software. The code exploits a
security vulnerability associated with PNG image files, against which
protection became available only with a patch issued by Microsoft on
8 February.
Sophos recommends that customers ensure their computers are patched
and protected.
The security hole could be exploited by malicious hackers or a
future internet worm.
Microsoft first published a technical bulletin about the problem on
8 February 2005, including links to security patches. At the same
time they issued advisories about eleven other security
problems in their software.
"Microsoft won't be happy that someone has posted information
about how to take advantage of their critical security hole within
48 hours of their patch being released, as many computer users are
bound to have not yet defended themselves," said Graham Cluley, senior
technology consultant for Sophos. "Many businesses find it
difficult to keep on top of the Microsoft patching problem as new
vulnerabilities are found on a regular basis. The message to all
computer users should be clear: This vulnerability is serious.
Everyone should ensure their systems are properly protected with
the security patch at the earliest opportunity."
Sophos recommends that every IT manager responsible for security
should consider subscribing to vulnerability mailing lists such as
that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
"Home users should consider checking out the services Microsoft
offers at windowsupdate.microsoft.com, which can scan
your home PC for security vulnerabilities and suggest which
critical patches need to be installed," continued Cluley.
"Additionally, if they use MSN Messenger, they should update
themselves to the latest version now."
Microsoft has published further information about how home users
and businesses should respond to the threat at www.microsoft.com/security/incident/im.mspx.
Sophos continues to recommend computer users practise safe computing as well as running
up-to-date anti-virus software.