Friday, October 08, 2004

As the JPEG virus has not caused an asteriod to collide with earth...

I am still edgy about the bits on my system that the GDIScan tool (http://www.bleepingcomputer.com/forums/topict3077.html) , says is iffy.

Apparently the MSO.DLL is also susceptible to the jpeg exploit.

One thing I did discover was that the new MS helpsystem (dexplore.exe) uses MSO.DLL (from OfficeXP (Office 10)) ????

so does Winword??? it loads the MSO.DLL from both Office 10 and Office 11?

Now the problem... If I update my MSOffice installation, the MSO.DLL for Office 11 is fixed, not not the MSO.DLL for Office 10?

does this mean that:
1) dexplore.exe is vulnerable?
2) the MSOffice apps that use it?
3) the VS 2k3 and Delphi8 helpsystem?

Thankfully Mcafee removes any JPEG containing the exploit, as soon as it is accessed, if you have ON ACCESS scanning activated! So I guess I am safe, as long as all JPEGs pulled from the internet gets downloaded to my harddisc first! so the AV software can get a crack at it.

I guess I am just exhibiting my paranoia...

0 Comments:

Post a Comment

<< Home