SoylentNews

It's 2015 and Your Windows Server Can Still be Pwned by a JPEG

posted by CoolHand on Tuesday April 21 2015, @02:03PM   
from the a-pictures-worth-a-thousand-lines-of-malware dept.

"gewg_" writes:

El Reg reports

Penetration tester Marcus Murray says attackers can use malicious JPEGs to pop modern Windows servers, to gain expanded privileges over networks.

In a live hack set down for RSA San Francisco this week, the TrueSec boffin shows how he used the hack to access an unnamed US Government agency that ran a buggy photo upload portal.

A key part of the stunt is achieved by inserting active content into the attributes of a jpg image, such that the file name read image.jpg.aspx. "I'm going to try to compromise the web server, then go for back end resources, and ultimately compromise a domain controller," Murray said, adding the hack is not that difficult.
video

This is by no means a new attack vector.

Why are we still dealing with this over ten years later?

• Re:Why are we still dealing with this over ten yea Re:Why are we still dealing with this over ten yea (Score: 3, Funny) by Anonymous Coward on Tuesday April 21 2015, @04:26PM

  by Anonymous Coward on Tuesday April 21 2015, @04:26PM (#173577)

  Which part of "Microsoft product" did you not understand?

  "Micro". I always thought that meant "small", not "bloated".

  Parent

  Starting Score:	0		points
  Moderation		+3
  Funny=3, Total=3
  Extra 'Funny' Modifier		0
  Total Score:		3

• Re:Why are we still dealing with this over ten yea (Score: 2) by VortexCortex on Tuesday April 21 2015, @06:40PM

  by VortexCortex (4067) on Tuesday April 21 2015, @06:40PM (#173621)

  It's only micro when it's soft, babe.

  Parent