From: uberguidoz at gmail.com (GuidoZ)
Subject: Quick JPEG/GDI test & fix (timesaver)

Hello list,

I wrote a very simple program/batch file that tests for the JPEG
exploit, then if affected, provides instructions on how to patch the
exploit. It has been tested on my own lil happy lab network, as well
as one one network where I'm a sysadmin. (Tested on Windows XP Home
and Pro, SP1a and SP2.)

It DOES test for the exploit by attempting to use an "infected" JPG
which downloads the instructions for fixing it, if exploited. By
viewing the strings in the JPG, you can see the file it downloads and
check it out for yourself. It's clean. =) Just contains a batch file
and a program to launch the batch file. (The file that gets downloaded
is a simple SFX.) Links are below. It contains a warning saying it's
about to try to exploit the system and to save data in open programs.
(It also warns that Explorer may crash.)

I wrote this merely to save myself time and allow friends/family to
test their own systems, then patch them without having to call me for
help. It's not been tested in every environment and in every scenario.
If you find a problem, feel free to email me (exploit _AT_ guidoz
_DOT_ com) Obviously I'm not responsible if it's abused somehow, or if
it breaks something, etc. Feel free to modify it to suit your own
needs, but use it at your own risk.

Test can be downloaded from here: http://www.guidoz.com/exploit-test.exe

Again, it's just an SFX archive with a batch file. Hopefully it will
save someone else some time. I've used it to have friends/family (and
a few clients) patch a total of around 30 machines without problems.

--
Peace. ~G

Powered by blists - more mailing lists