Many file and image hosts filter dangerous file types. If you tried to upload a Jar file to most of them you would get an error message stating that the file type was not supported. Many however fail to analyze the file itself and simply reject files based on their extension which opens the door for this attack.

That’s a pretty dangerous exploit. Imagine someone who uses this to upload a new avatar to popular websites like Facebook or Myspace (two examples, I have not checked if the two use advanced upload filters). He could do all sorts of things with the Java Applet once users open up his profile page.

The only valid defense against this type of attack is to disable Java on the computer for the moment. Sun is already working on a fix although the researchers say that it is not Sun’s fault that this vulnerability exists.

Related posts

• Send Windows to Nirvana with an animated cursor (1)
• You better stop using Internet Explorer for now (18)
• Windows XP: Default Internet Browser Per User Profile (0)
• Which will it be ? Opera ? Firefox ? IE ? (38)
• Web Browser: Firefox 3.1 Beta 3 (4)

Bkp also said that they know who did this but does not say how they know. He could be referring to IP addresses that they found, other traces or confidential information. They ask every user to change the password during their next login which is apparently happening automatically at the very moment. It remains to be seen if the encryption used to encrypt the email addresses is strong enough to withstand decryption.

Related posts

• Spy Tech: I see what you write (6)
• Weak Passwords (12)
• Use Netflix Watch Now on more than 3 PCs (0)
• Use a Magnet to protect your PC (10)
• The Piratebay To Introduce Paid Subscriptions (14)

You might be interested in which Windows editions are effected and which are not. It would also be nice to know if your browsers and e-mail clients are vulnerable and can be used to exploit the system. Vulnerable are Windows Vista, Windows XP SP2 and Windows 2000 SP4. Several other Microsoft operating systems are affected as well like Windows Server 2003 but I think the first three cover most Windows editions that my readers use. Exploitation happens completely silently.

Take a look at the demonstration video below. It shows how Windows Vista enters a endless Crash-Restart loop caused by a malicious ani file which was dropped on the desktop. Attacks will most likely occur over the Internet.

A security company has released a temporary fix for the solution until an official Microsoft patch gets released.

Related posts

• Vista Part 3 (19)
• Triple Boot Vista, XP and Ubuntu (5)
• Things to check before switching to Vista Part 1 (1)
• Superfast Shutdown for XP and Vista (4)
• Security and Privacy Complete (0)