引用:
|
作者Yode
我還是不要試好了! 
因為我用"弱盾 2005"..... 
之前有抓到有毒的圖片.....也是某套 掃木馬的程式幫我找到的!  |
放心, 只是標準的 ICC Profile TagData Overflow attack
(並非每張圖都毒)
無論 "弱盾" 2003,2005 or 2005 病毒碼更新正常, 都檔得下.
只要 Windows Update 正常, 也不用怕!
雖然這 Attack 是高風險. 但能親目睹傳言中的 image file 能暗藏玄機發動攻擊... 值得啊!
參考資料: (複製自 Symantec.com)
A buffer overflow has been reported in the icm32.dll. If the image contains International Color Consortium (ICC) data, icm32.dll will be loaded to process it.
A buffer overrun vulnerability exists in the processing images that contains a large ICC tag data size for any of the following tag entry signatures:
........