JPEG Graphic Files Vulnerability… Be Careful What You Look At!

 
       
    Greetings, NSDCAR Members!  
       
    Never mind oil prices, or high-dollar gas at the pump… now the price of just looking at a pretty picture could be very expensive, indeed!  
       
    A new security threat is sweeping the Internet community, following the publication of details of a vulnerability in a popular graphics file format, called ‘JPEG’.  This acronym stands for Joint Photographic Experts Group, the body that designed and promoted the ‘jpeg’ digital picture format.  This format for web-based images is prized for its high compression algorithm, which stores huge amounts of redundant color and pixel information in a very small amount of file space, making high resolution photographs and graphic images more portable and faster to load, for web applications.  
       
    Now, a vulnerability has been identified that can allow a remote user to open a Windows command prompt on an unprotected computer, and open a port to the Internet, through which the invading party can control the invaded system.  The worst aspect of this new threat is that it does not require anything but opening an image to become infected, and the image can travel via email, a website, an instant message, or a document.  
       
    While no viruses or “Trojans” have yet been identified in the wild that utilize this exploit, experts know that it’s only a matter of time, and not much time, at that.  Exercise caution, and don’t accept or open any message or email that is not of a known and trusted origin.  Never respond to a “pop-up” advertisement or message, and think twice about any offered screensaver, pretty picture, calendar, greeting card, or Windows enhancement “themes” to change the appearance of your desktop or browser.  
       
    The problem can be avoided by loading Windows XP Service Pack 2 from Microsoft, if using the XP operating system, or by applying security patch MS04-028 for Windows 98, Me, and 2000.  
       
    Here at NSDCAR, our electronic communications are scanned carefully during sending, and are free of infection or malware when sent to our members.  Remember, however, that any message sent across the Internet is passing through many servers and routers on its way to the recipient, and any unprotected computer can infect or compromise the integrity of data that passes through it.  Your best protection is taking a proactive stance toward the hazards of open computing, and employing good security measures where it counts most.  
       
    There has been some controversy over the JPEG graphics standard for some time now, as it's considered a proprietary format.  REALTORS®, who employ graphics in many of their marketing outreach efforts, should seriously consider employing another technology, such as PNG (Portable Network Graphics), which avoids the digital rights issues and this new security vulnerability.  
       
    Don’t get nailed by this latest threat… apply your Windows Updates today, and make sure your antivirus and other defense software suites (personal firewalls, spy-ware and ad-ware removers, etc.) are updated daily.  Making it a habit to update these protections every time you turn on your system is good practice, and just might save you from a very costly invasion!  
   

<Back to What's New>