09 Jan Windows image bug patched, but more found
Microsoft has patched the Windows vulnerability that could allow malicious programs to be installed when users viewed pictures on their computers. But security experts say the same part of Windows has even more problems than previously thought, opening up more holes.
Giving in to pressure from users and security experts, some of whom were installing an unofficial fix not condoned by the company, Microsoft released the official patch days earlier than planned – it was going to be part of the company’s montly “patch Tuesday” on the 10th.
Now, Symantec has released a report saying that there are multiple vulnerabilities in Windows’ handling of images that were not patched, using different parts of the system but working in the same way. Viewing hacked image files in Windows Explorer or Internet Explorer, among other things, could cause a computer to be infected. It is unknown how many people, if any, have actually exploited the new vulnerabilities yet.