Malware Name: Exploit-MS04-028
Corporate User : Low
Home User : Low
Discovery Date: 09/14/2004
Type: Malware; SubType: Exploit
Minimum DAT:4392 (09/22/2004)
Updated DAT:4392 (09/22/2004)
Minimum Engine: 4.3.20
Description Added: 09/16/2004
Description Modified: 09/16/2004 4:28 AM (PT)
This detection is for JPEG files intended to exploit the recently announced vulnerability described in Microsoft Security Bulletin MS04-028 .
For further details about the vulnerability, and links to the Microsoft patches, click on the following link:
Variable. This detection is for JPEGs files intended to exploit a vulnerability. The symptoms of the buffer overflow will vary depending upon the remote code executed.
Method Of Infection
The vulnerability exists in many applications and operating systems where JPEG files are processed. A maliciously crafted JPEG could arrive at the system via several vectors (web, email etc).
All Users :
Use current engine and DAT files for detection. Delete any file which contains this detection.