As some of you may recall, a couple of weeks ago Microsoft announced that there was a bug in its JPG handler library which actually would allow a properly-crafted virus, embedded in a JPG image, to infect a computer.
I just had a very bizarre thing happen to my computer at work. They insist on running Windows. I opened an email on my web-based email account, which had a picture attached to it.
I should note in passing that the image was from a trusted source (another Forumosan I know), and had a personalized message and image on a topic that we discuss (he knows I’m into old Gatling guns). I wasn’t opening porno or spam, and the filesize (43K) was reasonable for a small picture.
I opened the picture; instead of the picture being displayed in full size (the usual), IE showed the “open or save” dialog (as if I were downloading the image to my computer) and in addition to the picture being displayed, Windows Media Viewer opened up and showed the video clip of the Ford(?) car decapitating the cat that stuck its head into the sunroof.
I don’t have that video on my computer at work. I don’t have any such videos on my computer at work. A search of the hard drive also didn’t turn it up. And finally, the size of the email was too small to include the video in it; 43K would be one frame, not a 30-second MPG.
I am wondering if this was a proof-of-concept test of a virus exploiting the Microsoft JPG library hole, or what.