Page 1 of 3 1 2 3 LastLast
Results 1 to 13 of 33

Thread: images on forums can infect your computer with malware

  1. #1
    Join Date
    Sep 2004
    Location
    Stockholm, Sweden
    Posts
    6
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Exclamation images on forums can infect your computer with malware

    Whistle from eatpoo gave me a heads up on this and I felt I should tell you guys here as well.

    WHAT IS IT?
    There is a new exploit out that uses WMF (windows metafile format) files to infect a computer. All you have to do to get infected is view a webpage that has the image on it, or access an infected image that is on your computer. That means the forums can be a vector for infection too. (In fact, user Blue Reptile has already been permabanned for putting the exploit in his signature.)

    WHO IS VULNERABLE?
    The exploit affects Firefox, Internet Explorer, and any other browser that displayes or downloads the file into the cache on the local machine. The file could also be a WMF renamed to any other image type, or possible other filetypes. Anything that puts the image exploit onto your computer or opens it up in windows fax viewer or the part of windows that generates thumbnails of WMF files is a vulnerability. This means any vector that puts the image onto your computer (wget, browser, email, IM, etc) can potentially cause the problem.

    This affects anyone on Windows (98, 98SE, ME, 2000, XP, 2003). USING FIREFOX DOES NOT ELIMINATE THE RISK as the file is still downloaded to your cache in most cases, but it does reduce your chances somewhat since the image is often not displayed in the browser. But if you then interact with the file in any way (thumbnail it, Google Desktop, hover over with the mouse) that causes it to be handled by the windows subsystem responsible for WMF then you will have problems. Once again, YOU CAN BE CAUGHT BY THIS EXPLOIT EVEN IF THE IMAGE DOES NOT SHOW IN THE BROWSER. If you use Windows, your system is vulnerable.
    more info: http://www.metafilter.com/mefi/47964

    This is a pretty serious danger, over at eatpoo I've suggested that we disable all image posting until microsoft releases a patch, but we've not decided anything yet.
    Reply With Quote Reply With Quote


  2. Hide this ad by registering as a member
  3. #2
    Join Date
    Sep 2004
    Location
    Stockholm, Sweden
    Posts
    6
    Thanks
    1
    Thanked 0 Times in 0 Posts
    also the reason I'm not PM'ing this to a moderator or admin is because I don't know who they are on CA. sorry.
    Reply With Quote Reply With Quote

  4. #3
    Join Date
    May 2005
    Location
    CT, USA
    Posts
    480
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Reply With Quote Reply With Quote

  5. #4
    Join Date
    Jan 2005
    Posts
    2,287
    Thanks
    3
    Thanked 4 Times in 4 Posts
    Advocate, that was one of the funniest things I've seen in a while.
    Reply With Quote Reply With Quote

  6. #5
    Join Date
    Sep 2005
    Posts
    792
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Haha

    Thanks for the heads up, but it's already been discussed here.

    You suggested they disable all image posting at Eatpoo? Have they eaten you alive yet?
    Sketchbook support group #7
    Andorz
    Koshime
    Number_6
    Slash
    Mike Frank
    Haldor
    BDFoster
    Gloominati
    _________________________________________
    The Hunger site
    Reply With Quote Reply With Quote

  7. #6
    Join Date
    Sep 2004
    Location
    Stockholm, Sweden
    Posts
    6
    Thanks
    1
    Thanked 0 Times in 0 Posts
    That's weird, I did a search for it and nothing showed up, but I see the topic now. It seem to not have gotten much attention.
    I just want to stress again how malicious this is, it's nothing like CLICK HERE FOR LARGER PENIS, you don't even have to see the image. It can be hidden pretty much in anything as long as it gets loaded by ie or even just your file browser in windows.



    and no they haven't eaten me alive, seeing as how I am an admin there
    Reply With Quote Reply With Quote

  8. #7
    Join Date
    Jun 2004
    Location
    I'm hiding under your bed!
    Posts
    265
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Dear God no!!!

    And what, pray tell, does this dread menace do after infecting our precious computers? It doesn't sign me up for a subscription to "The Watchtower" does it? Nooooo!

    If you all need me I'll be hiding under my bed till "computering" is safe again.
    (Insert stupid, pointless, and offensive signature here)
    www.wayofthegeek.com My web comic full of stupid geekiness.
    www.carterillustration.com My website filled with freelancing EVIL.
    Reply With Quote Reply With Quote

  9. #8
    Join Date
    May 2005
    Posts
    4,912
    Thanks
    0
    Thanked 28 Times in 21 Posts
    Ah yeah, heard of this, apparently extremely old, it's been done years ago but no real problems.
    Reply With Quote Reply With Quote

  10. #9
    Join Date
    Sep 2005
    Posts
    792
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Noodle!
    and no they haven't eaten me alive, seeing as how I am an admin there
    But... but you suggested they disable image posting. On Eatpoo!
    Sketchbook support group #7
    Andorz
    Koshime
    Number_6
    Slash
    Mike Frank
    Haldor
    BDFoster
    Gloominati
    _________________________________________
    The Hunger site
    Reply With Quote Reply With Quote

  11. #10
    Join Date
    Jun 2004
    Location
    I'm hiding under your bed!
    Posts
    265
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Aaaarrrggg! Computer infected... Much pain.... Nooo!, it's forcing me to watch "Full House" reruns... Bob Sacket!...(Gasp! Insert sounds of slow painful death here)
    (Insert stupid, pointless, and offensive signature here)
    www.wayofthegeek.com My web comic full of stupid geekiness.
    www.carterillustration.com My website filled with freelancing EVIL.
    Reply With Quote Reply With Quote

  12. #11
    Join Date
    Jul 2003
    Location
    Queens, New York, United States
    Posts
    1,477
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Thanks Noodle!

    Was that hard to do gentlemen? seriously...
    Reply With Quote Reply With Quote

  13. #12
    Join Date
    Jun 2003
    Location
    Under your skin
    Posts
    1,753
    Thanks
    0
    Thanked 3 Times in 3 Posts
    This is one of the more serious exploits that came out just last week.

    Thanks for being conscientious enough to post this Noodle!

    As for you other assholes, that's great that you slam someone looking out for you.

    For those that actually want more info on this you can visit f-secure's site http://www.f-secure.com/zero-day/, if you dig around a bit they provide a list of domains that you might want to block if you have the ability to do so.
    Reply With Quote Reply With Quote

  14. #13
    Join Date
    Oct 2002
    Location
    Alabama
    Posts
    2,012
    Thanks
    432
    Thanked 703 Times in 290 Posts
    my laptop actually got busted by this malware a few nights ago ---- I've since been able to clear things up, but it affected my Norton anti-virus 'repair' functions and I haven't been able to properly re-install the program.
    Now I have a constant WARNING popin from the windows-update that directly links to the malware ... so's i can't click that, and it gets in the way of my doodling...

    .sucks balls.

    my website
    -- playing: "Pikmin 3" and "World of Tanks"
    -- reading: "Death of the Liberal Class" -Chris Hedges


    O my soul, do not aspire to immortal life, but exhaust the limits of the possible. - Pindar
    Reply With Quote Reply With Quote

Page 1 of 3 1 2 3 LastLast

Similar Threads

  1. Malware
    By Wingal in forum SUPPORT
    Replies: 31
    Last Post: January 9th, 2013, 06:02 AM
  2. using 3d computer images and mobile for reference
    By Drawallday in forum REFERENCES & INSPIRATIONS
    Replies: 0
    Last Post: December 6th, 2010, 02:49 PM
  3. Images transferred directly from your brain to a computer
    By •Lindsay• in forum Artist Lounge
    Replies: 30
    Last Post: December 16th, 2008, 04:48 PM
  4. Why won't many images show on my computer?
    By Skinnyboy in forum SUPPORT
    Replies: 0
    Last Post: January 18th, 2007, 03:36 AM

Members who have read this thread: 0

There are no members to list at the moment.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
  • 424,149 Artists
  • 3,599,276 Artist Posts
  • 32,941 Sketchbooks
  • 54 New Art Jobs
Art Workshop Discount Inside

Developed Actively by vBSocial.com
SpringOfSea's Sketchbook