I received a nasty e-mail from an old friend who says that one of the two graphics files I sent him contained a virus or trojan horse or some such. I maintain that a simple graphics (.jpeg or somesuch) cannot contain any form of malware.
What is the word on this.
(And also Happy Christmas and a Merry New Year to you all, in case I forget.)
It’s possible.
I’d ask him for the name of the virus. (His own virus scanner must of flagged it.)
Then check if your own recognizes that particular virus. If not, switch to one that does and scan your system again.
In other words, rather than debate if a virus in a jpeg is possible, find out for sure if it’s on your own computer. (Assuming you still have a copy of the email in your sent messages.)
I don’t think that the jpeg format can carry a universal virus. But there might be a way to construct a jpeg file so that it exploits a security hole in a particular graphics viewer and executes malcode. Better safe than sorry.
I think the last scare was Windows Meta Files .WMF that allow the execution of internal scripts.
Also Windows can check the header of a file to see whether it has a valid PE (Portable Executable) header - if so it can run it, but AFAIK only if very explicitly told to do so.
A combination of a dodgy WMF with a bogus JPG could well produce an effective entry mechanism.
I use a Mac. He uses a Lesser Machine. Anyone will to let me e-mail the file to them?
Not to mention the fact that, just because it is labled as a .jpg file doesn’t mean it can’t be something else, too.
It opens as a graphics file.
Right … He probably has a false positive
Best deal with him gently, act extremely concerned for his machine’s welfare.
From Cnet a couple of years ago:
"Microsoft published on Tuesday a patch for a major security flaw in its software’s handling of the JPEG graphics format and urged customers to use a new tool to locate the many applications that are vulnerable.
The critical flaw has to do with how Microsoft’s operating systems and other software process the widely used JPEG image format and could let attackers create an image file that would run a malicious program on a victim’s computer as soon as the file is viewed. Because the software giant’s Internet Explorer browser is vulnerable, Windows users could fall prey to an attack just by visiting a Web site that has affected images. "
If your friend doesn’t have the patch then clearly it’s possible, and even if he does two years is a long time in virus terms and I’m sure they’ve found other vulnerabilities in image files to exploit.
Yes, go ahead. Email is in profile.
You could also easily test the file by e-mailing it to your own hotmail, gmail or yahoo e-mail account, all of which do automatic virus scanning.
The suspect file (which involves a goat) is winging its way to Q.E.D..
Well, I scanned the hell out of it (AVG Antivirus, updated), and couldn’t find a thing wrong with the file. Additionally, it opens fine with the Windows Picture Viewer, IE and Firefox as well as all the image editors I have installed.
Are you sure you sent the right one? That’s decidedly NOT a goat!
Be very weird. Thank you.
*BUT very weird, I meant.