In the Forums

Register

Today's Posts

Search

Get the Weekly
Inkling
newsletter





Previous Issues

Splitcoaststampers's privacy policy

Get Social

Splitcoaststampers on InstagramLike Splitcoaststampers on FacebookFollow Splitcoaststampers on TwitterPit Splitcoaststampers on Pinterest

Sponsored Ads


 
Splitcoaststampers.com - the world's #1 papercrafting community
You're currently viewing Splitcoaststampers as a GUEST. We pride ourselves on being great hosts, but guests have limited access to some of our incredible artwork, our lively forums and other super cool features of the site! You can join our incredible papercrafting community at NO COST. So what are you waiting for?

Join the party at Splitcoaststampers today!

Reply
 
Thread Tools
Old 01-05-2006, 11:52 AM   #1
Insane Embellisher
 
mastamper's Avatar
 
Join Date: Sep 2005
Posts: 996
Default MS Windows image exploit?

The I.T. department where I work sent all of us an email today quoted at the end of this post containing information about a Microsoft flaw with images.

Am I at risk viewing images people have uploaded here or do you have a way of scanning them before they are uploaded?

(What will I do if I can't browse SCS while I wait for a new Microsoft update?????)

"In recent days, the computing security community and Microsoft have confirmed the existence of a flaw in the way that Microsoft products handle and process image files. This flaw exists in many products (Windows 95 through XP) utilized here. Most consumer desktops (e.g., your home computer) are affected as well.

Microsoft has NOT released a patch for this flaw but is actively working on a solution. Until a patch is released and installed, we recommend that you practice the following safe computing rules:
Do not open e-mail from individuals or sites that you do not recognize.
Do not click on or open image file attachments that you have not requested.
Limit your Web surfing to sites that you know and trust. Trusted commercial Web sites are not likely to have malicious images that exploit the flaw.
Disable Google desktop search. There are reports that Google's desktop search tool can trigger the image flaw if you happen to have a malicious image file on your computer.
Keep your virus scanning software up-to-date and active."
__________________

Mary Ann

~~ My slowly growing gallery ~~
mastamper is offline  
Tweet this Post! Share on Facebook Reddit!! Pin on Pinterest! Share on Google+!
Reply With Quote
Old 01-05-2006, 12:04 PM   #2
SCS Founder
 
splitcoaststampers's Avatar
 
Join Date: Jan 2003
Location: Vancouver, WA
Posts: 4,782
Default

I find these kind of warnings annoying, because they generate FUD (fear, uncertainty and doubt) in far greater measure than they ever deserve.

some of the above is good advice in any case (virus software up to date, etc.) and some of it is alarmist nonsense. just my opinion of course, and nothing against your IT dept.

as far as SCS goes, any image uploaded here should not be of any risk to you, because each one gets "laundered" as part of the upload process. when an image is uploaded, the gallery software re-saves the image in order to assure that it's not too large, to optimize the file size, etc. Any problem with the original image would be eliminated when the file is re-saved.

no worries!
__________________
- Daven

Needs a sig
splitcoaststampers is offline  
Tweet this Post! Share on Facebook Reddit!! Pin on Pinterest! Share on Google+!
Reply With Quote
Old 01-05-2006, 12:15 PM   #3
Insane Embellisher
 
mastamper's Avatar
 
Join Date: Sep 2005
Posts: 996
Default

Thanks for the quick reply, Daven!

In defense of our Chief Technology Officer, we have gotten bitten pretty bad in the past because of careless users. I work at a large university medical center and their best option of protecting all of us (and our huge room of servers) would be to restrict internet access to internal-only web sites like other corporations have done.

But that would mean no SCS browsing - er, I mean searching for medical research information!

Whew! Glad I won't have to go through SCS withdrawal although the forums might have tided me over for awhile.
__________________

Mary Ann

~~ My slowly growing gallery ~~
mastamper is offline  
Tweet this Post! Share on Facebook Reddit!! Pin on Pinterest! Share on Google+!
Reply With Quote
Old 01-05-2006, 01:02 PM   #4
SCS Founder
 
splitcoaststampers's Avatar
 
Join Date: Jan 2003
Location: Vancouver, WA
Posts: 4,782
Default

you're right, it's perfectly understandable that IT people would be protective of assets like the network infrastructure of a large organization. hope I didn't come across too strongly, and cool to hear where you work.

I just tend to under-react to things like this. the mere fact that a flaw exists *doesn't* mean that there's something out there that actually exploits the flaw. many times these kind of things get announced and fixed without there ever being any harm done.

so to say that "your home computer is affected" is a little misleading. kinda like saying your and my neighborhoods are affected by herds of wild marauding elephants. well yes, it would be extremely risky for us to go outside in the event that wild elephants visit our neighborhoods, that's true. but until barnum & bailey are actually in town I'm probably not gonna worry about it too too much.

there are organizations out there who's sole mission is to research and map these types of security flaws, and they make a name for themselves when they find and report them. maybe it's like the bird flu thing. should I be worried about that?
__________________
- Daven

Needs a sig
splitcoaststampers is offline  
Tweet this Post! Share on Facebook Reddit!! Pin on Pinterest! Share on Google+!
Reply With Quote
Old 01-05-2006, 08:28 PM   #5
Insane Embellisher
 
mastamper's Avatar
 
Join Date: Sep 2005
Posts: 996
Default

In case anybody else is interested, Microsoft released the patch this evening to address the flaw.
__________________

Mary Ann

~~ My slowly growing gallery ~~
mastamper is offline  
Tweet this Post! Share on Facebook Reddit!! Pin on Pinterest! Share on Google+!
Reply With Quote
Reply



Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are Off


Related Topics
Thread Thread Starter Forum Replies Last Post
List of Stamping Techniques caspen1973 Techniques 229 04-23-2019 09:18 AM
Coloring on glossy cardstock?? spammie Techniques 44 11-17-2012 08:45 AM
glossy paper ideas joyk10 Techniques 4 11-16-2004 09:55 AM