Menu



error This forum is not active, and new posts may not be made in it.
1
Promote
Doug Woodall

315
199 Posts
199
Invite Me as a Friend
Booby-trapped text fonts embedded in Web pages.
3/20/2006 9:59:24 AM
By Stuart J. Johnston Attackers have been using increasingly novel means to break into Windows systems--for example, using doctored media files like music, Web graphics, and video. Now joining that roster of dirty tricks are booby-trapped text fonts embedded in Web pages. The bug sleuths at eEye Digital Security found a way to breach Windows' security by exploiting a flaw in how the OS displays text on Web sites. Web designers often use embedded fonts to guarantee that the text on a page will look the same in every browser. All a cyberthug has to do is create a corrupted font on a Web site and wait for unsuspecting visitors. When you view the affected font in Internet Explorer--or in any application that uses Windows to show the fonts in question--the doctored text triggers a buffer overflow, disabling your PC's security and allowing the thug to then take control of your computer. Reading or even just previewing an affected HTML e-mail message in Outlook or Outlook Express can launch the attack too. This flaw affects all versions of Windows, from Windows 98 through XP Service Pack 2, which means the majority of people online are potentially at risk. Microsoft has distributed the patch via Windows Update. You can also get it here: http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx
Doug Woodall SpywareBiz,,,We take the Spy out of Spyware! http://www.spywarebiz.com Providing Free Information and Recommended Products to Combat Spyware.
+0
Cheri Merz

492
1258 Posts
1258
Invite Me as a Friend
Person Of The Week
Re: Booby-trapped text fonts embedded in Web pages.
3/20/2006 11:23:34 PM
Doug, Good grief, what will they think of next? It's almost enough to make you swear off the web. If it weren't absolutely vital to my business, I would. Cheri
+0
Dave Cottrell

2900
2802 Posts
2802
Invite Me as a Friend
Top 100 Poster
Person Of The Week
Re: Booby-trapped text fonts embedded in Web pages.
3/22/2006 3:05:35 PM
Hi Doug, Thanks for the heads up. I found it rather interesting that even though I have the latest version of Windows and SP2 with automatic updates, the update had not been done. God bless, Dave
+0
1


facebook
Like us on Facebook!