Scanner released to detect and repair MS04-028 infected JPEG files

• Previous message: Steve Boyce: "Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2"
• In reply to: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-038 - Cumulative Security Update for Internet Explorer (834707)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Sat, 23 Oct 2004 01:48:05 +0800
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

A free scanner called JPEGScan has been released specifically to detect and repair JPEG image files infected with the MS04-028 vulnerability (and all known variations). Rather than employing anti-viral signature detection or string matching techniques, JPEGScan properly "walks" through each block in a JPEG file (as specified by the JPEG file structure) looking for infected areas which indicate the presence of MS04-028 infection. The Repair capability means that many infected JPEGs can become viewable if they were based on a real JPEG to begin with, or at the very least are rendered harmless. Available as both a classic Windows GUI application and a console application, Administrators in particular will find JPEGScan useful for sweeping their networks for infected images, but all users in general will find it a useful tool to add to their security arsenal.
 
Further information and the direct download (less than 30kbs) can be found at http://www.diamondcs.com.au/jpegscan/
 

• Previous message: Steve Boyce: "Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2"
• In reply to: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-038 - Cumulative Security Update for Internet Explorer (834707)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]