El Reg reports
Penetration tester Marcus Murray says attackers can use malicious JPEGs to pop modern Windows servers, to gain expanded privileges over networks.
In a live hack set down for RSA San Francisco this week, the TrueSec boffin shows how he used the hack to access an unnamed US Government agency that ran a buggy photo upload portal.
A key part of the stunt is achieved by inserting active content into the attributes of a jpg image, such that the file name read image.jpg.aspx. "I'm going to try to compromise the web server, then go for back end resources, and ultimately compromise a domain controller," Murray said, adding the hack is not that difficult.
video
This is by no means a new attack vector.
Why are we still dealing with this over ten years later?
(Score: 4, Funny) by Runaway1956 on Tuesday April 21 2015, @02:57PM
You should know the rules by now, AC. When you assign blame where it actually belongs, you get modded out of sight. Why don't you try again? Blame it on that gang of hoodlums over at BSD. Doesn't matter which gang, Free, Open, any of them will work. And, we'll blame all those Adobe exploits on Linus Torvalds. That should make things right, and get you and I modded up real high! Just don't make the mistake of blaming Apple for anything!
(Score: 1, Insightful) by Anonymous Coward on Tuesday April 21 2015, @04:20PM
At least Apple almost got it right by basing their OS on Unix.
(Score: 1) by Pseudonymous Coward on Tuesday April 21 2015, @10:42PM
And then managed to only support booting from GPT-formatted USB sticks. [apple.com]