Computer Underground Pounds Windows Source Codes

February 17, 2004

A new breach is revealed in Microsoft Windows: BMP format is no longer safe

Kaspersky Lab, a leading information security software developer warns users about a new vulnerability in Internet Explorer (5.0, 5.5 and 6.0) and Outlook Express 5.0. The new vulnerability allows cyber-criminals launch malicious programs on breached computers using files in BMP format. The vulnerability was discovered by an unknown individual nicknamed 'GTA' and published on several security web sites. The author provided an example of a possible attack and went on to comment that the proposed scenario was based on a detailed analysis of the Windows source code (details). "This report confirms our worst fears; the computer underground is pouncing on the Windows source code in search of new attack methods. The speed at which the first discovery appeared forces us to seriously re-evaluate the immediate future of the Internet", comments Eugene Kaspersky, Head of Anti-Virus Research at Kaspersky Lab, "From now on, we can expect similar surprise any minute." The lack of patches for Internet Explorer and Outlook Express make this new vulnerability particularly dangerous. Only users who have Windows XP with Service Pack 1 can relax for now: tests have demonstrated that this configuration is immune. At the same time, the new vulnerability poses a serious threat to all Internet users. It turns out that virus writers can create BMP files which load malicious programs onto victim machines while users are looking at images. In fact, infection can occur both while reading mail in Outlook and while surfing the web. 'At this point in time, we have not detected any viruses that use this exotic new method to attack computers. However, the chances of one appearing in the near future are very real indeed', added Eugene Kaspersky. Kaspersky Lab has already released a special anti-virus database update protecting against malicious programs utilizing this vulnerability. The contents of BMP files are scanned and potentially dangerous objects are detected when they attempts to breach computers via either the Internet or emails.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Computer Underground Pounds Windows Source Codes

Computer Underground Pounds Windows Source Codes

About Kaspersky

Related Articles Press Releases

Kaspersky analyzes digital superstitions believed by Internet users in META region

Denial, bargaining, acceptance: reactions to corporate data compromised on the Darknet

Attacks on 27% ICS computers detected in the Middle East highlight the need for a secure-by-design approach to protect nuclear power plants

A spike in demand: Prices for creating deepfakes on the darkweb reach $20,000 per minute

Kaspersky experts warn of increased IT supply chain attacks by OilRig APT in the Middle East and Turkiye

Every third industrial computer was targeted in the Middle East in H1 2022

Financial cyberthreats targeting businesses in Saudi Arabia drop by 24% in Q2 of 2022

Kaspersky uncovers new tactics used by the Middle Eastern APT group DeftTorero

Over 10,000 users in UAE encountered browser extension threats in the first half of 2022

Phishing and scam hit the roof in UAE with 230% increase in number of detections in Q2 2022