Security Basics mailing list archives

Detecting new Windows .jpeg exploit

From: "Bowes, Ronald (EST)" <RBowes () gov mb ca>
Date: Wed, 15 Sep 2004 13:53:34 -0500

This is regarding the exploit in Microsoft's .jpeg handling code, posted
here: http://secunia.com/advisories/12528/.
 
What I'd like to know is how we can scan a fairly large network for
vulnerable machines.  Microsoft provided a tool to detect if your own
computer needs to be patched, but running this on potentially thousands of
systems isn't really an option.  Is there any way known at this time to
detect if a computer is vulnerable?
 
Thanks,

Ron Bowes

Information Protection Center
Government of Manitoba


---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Current thread:

Detecting new Windows .jpeg exploit Bowes, Ronald (EST) (Sep 15)
- Re: Detecting new Windows .jpeg exploit Miles Stevenson (Sep 16)
- <Possible follow-ups>
- Re: Detecting new Windows .jpeg exploit H Carvey (Sep 16)
- RE: Detecting new Windows .jpeg exploit Bowes, Ronald (EST) (Sep 16)
- RE: Detecting new Windows .jpeg exploit Roger A. Grimes (Sep 16)
  - RE: Detecting new Windows .jpeg exploit Kenton Smith (Sep 18)