Follow:

 

Exploit:Win32/MS04028!jpeg


Exploit:Win32/MS04028!jpeg is a detection for a specially crafted image file (.JPG) that exploits a vulnerability discussed in Microsoft Security Bulletin MS04-028. The exploit could cause a buffer overrun leading to the execution of arbitrary code.


What to do now

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Threat behavior

Exploit:Win32/MS04028!jpeg is a detection for a specially crafted image file (.JPG) that exploits a vulnerability discussed in Microsoft Security Bulletin MS04-028. The exploit could cause a buffer overrun leading to the execution of arbitrary code.
Installation
This malware could be encountered when visiting a malicious webpage or could be installed by other malware. Viewing the crafted image file using a vulnerable computer could lead to the execution of arbitrary code.
Additional Information
For more information about MS04-028, see Microsoft Security Bulletin MS04-028.
 
Analysis by Patrick Nolan

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

Prevention


Alert level: Severe
This entry was first published on: Sep 17, 2010
This entry was updated on: Apr 17, 2011

This threat is also detected as:
  • JPEG-Exploit/MS04-018.Gen (AhnLab)
  • CVE-2004-0200 (Command)
  • Exploit.MS04-028 (Dr.Web)
  • Exploit.Win32.MS04-028.Gen (Kaspersky)
  • Exploit-MS04-028 (McAfee)
  • Exploit/MS04-028.gen (Panda)
  • Exp/MS04-028 (Sophos)
  • EXPL_MS04-028.A (Trend Micro)