http://news.zdnet.com/2100-1009_22-5385995.html

It will start with porn & end up in all sorts probably.

This could cause MAJOR headaches for us digital artists. =[

& the net in general. =/

Concerning the JPEG vunerability: The images that you download from caedes.net have been re-compressed using a Unix program. For that reason I think that users of the website have nothing to fear from images downloaded from caedes.net. If someone were to upload an infected images, the server would either think it is an invalid JPEG, or it would strip out the trojan payload. I do not, however have a way to test this since I have neither a windows computer or an infected image file.

Good to know you are covered then. =]

I'm so glad I will soon be saying goodbye to Windows forever...

lol sam. ..but what is that link? and what does it have to do with caedes? ..a jpeg or whatever? ...because it doesnt even say caedes.net ..i dont know i pretty stupid...

You have to wait for the advertisement to dissapear before you can read the article.

[quote]
Internet watchers say they've spotted infected images that could implant a back door into a Windows computer if they are viewed.

EasyNews, a provider of Usenet newsgroups, said it has identified two JPEG images that take advantage of a previously identified flaw in the way Microsoft software handles graphics files. Windows users could have their computers infected merely by opening one of those Trojan horse images.

The report of the widely expected exploit comes less than a week after sample code appeared that demonstrated how to take advantage of Microsoft's programming error. Some security researchers worry that the ubiquity of JPEG images provides an unprecedented opportunity to spread malicious code through file-trading networks, the Web or spamming.

But the Trojan horse images may not be as threatening as a more sophisticated version of the exploit could be.

"These JPEGs did not replicate, so this is not a virus," antivirus software company F-Secure stated in its Weblog. "Apparently they tried to use these JPEGs to download Trojan (horse programs) to vulnerable computers, but the download sites should be down by now."

Windows' Graphic Device Interface Plus (GDI+) software contains a JPEG-processing vulnerability that affects dozens of Microsoft products, including the Office suite. Windows XP and Windows Server versions are vulnerable unless a Microsoft patch has been installed in the last few weeks or, in the case of XP, if the systems have been upgraded to Service Pack 2.

Other Windows versions may be at risk depending on what applications are installed. The issue does not affect non-Microsoft operating systems such as Linux and Mac OS X.
[/quote]

Once again...LINUX=Safety and Windows=easily exploited by malicious code implanted in images.

You gotta admit though, embedding code in images is pretty cool.

note: this has no affect on windows service pack 2

People have been infecting picture files for years. You could litterally infect any file even using the simple UPX binding. I don't know if any of you know Battle.net, but it was a gaming server. In theory, you could infect a MAP file with any type of macro worm and exploit it throgh the server. Since people had to download the map in order to use it, the spreading potential was huge. Of course this was implimented, but most Anti-Virus software can detect it. Just make sure your Anti-Virus software is up to date and actively running, and you'll be fine.