TSGL: Teenagers
The Computer Whisperer
justin at whisperer.com.au
Mon Dec 4 21:00:02 EST 2006
H Davis...
well... what can I say...? Microsoft is always an exception, I can
understand why some windows media files in WMV or WMA format could execute
code, they have additional copy protection code in them.
Still, generally speaking, other than microsoft's proprietary formats, you
cannot get a virus from a non-executable file.
Russel,
I agree about the window ME comment... move... and move soon lol.
Justin
On 05/12/06, H Davis <hdavis1 at gmail.com> wrote:
>
> Justin,
>
> I seem to remember a couple of updates for Windows XP for a
> vulnerability to bad stuff in image & video files. I found these notes I
> made along the way.
>
> Security update for WMF vulnerability (KB912919)
> Published: January 5, 2006
> Get the security update for the Windows Meta File (WMF) vulnerability
> from Microsoft Update. The bulletin title for this update is:
> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
> Execution (KB912919). Learn more about why Microsoft released this update.
>
> KB873374 - GDI+ detection tool.
> The GDI+ detection tool runs and examines the machine for updates
> required by Office. It seems to be related to the Jpeg bug.
>
> Microsoft GDI+ Detection Tool (KB873374) This update requires additional
> action. See this page:
>
> http://www.microsoft.com/athome/security/update/bulletins/200409_jpeg_tool.mspx
> .
> The Microsoft GDI+ Detection Tool helps detect the presence of Microsoft
> products (other than Windows) that contain the GDI+ component. Microsoft
> customers can run this tool to help determine if a GDI+ security update
> is required. Microsoft recommends you visit the Office Update site to
> determine if your computer requires security updates for Office family
> products.
>
> I seem to remember this was a pervasive problem since it occurred in a
> routine used by many MS programs and that there were multiple copies (as
> usual) of this routine likely to be found on a single computer. I think
> there were several attempts by MS to get this fixed.
>
> Also, there is plenty of spoofing going on with video files to induce
> the user to "agree" to a download of malware by displaying a bogus
> "necessary" security update message, or a "free" license request to get
> the user to click on the OK button and start the download.
>
> It's best to treat _anything_ you download with suspicion. Make sure
> you're getting it from a reliable source (forget peer to peer networks)
> and scan it with all your "anti" software as soon as you have it before
> using it or installing it. But, as the above GDI+ problem indicates,
> sometimes the simple act of downloading it will infect you. Caveat Emptor.
>
> H Davis
>
>
>
> The Computer Whisperer wrote:
> > Downloading programs (shareware and illegally)from random file sharing
> > sources will almost definately yield a virus for your computer.
> >
> > Documents such as images, word processing, videos, mp3's cannot contain
> > viruses (ok well, word can contain executable code.). Generally it is
> safe
> > to download such files.
> >
> > You can burn the files to a DVD if you have a burner (2 x single layer
> > DVD-R's) or 10 CD-R's
> >
> > Depends on how you want to spend your money.
> >
> > Justin
> >
> >
>
> --
> H Davis hdavis1 at gmail.com
>
> _______________________________________________
> Tech Support Guy Mailing List
> http://www.tsgserver.com/list/
>
--
http://www.whisperer.com.au
The Computer Whisperer - Your Friendly In-Home Technical Support Consultant
Telephone: (03) 5979 1122
Mobile 0406 467 701
Servicing the Mornington Peninsula
-------------------------------------------------------------------------------------------------------------------------------------
More information about the List
mailing list