|
Raw Bytes Computer News KPBX FM 91.1 Radio National Public Radio Network Frank Delaney Producer Broadcast on Thursday Morning 7:35 AM During Morning Edition Support Public Radio ! The Theater Of the Mind |
In computer news this week –
1/11/2006 |
|
|
The latest Microsoft Security
problem you need to protect yourself from – the Windows Meta File flaw. So
what’s a Windows meta file ? It’s a graphic image file,
created by Microsoft back in the early 1990’s. There are actually dozens
of graphic image formats in the pc world, but not on the internet. Since the
evolution of the internet and the WWW, there have been two standards for
graphics files – or pictures – used on the web. If you
right click your mouse on any image you see on the internet,
and on the popup menu click on properties – you will see information
about that picture, and the file format it is in. This will
generally always be one of two formats: 1. .gif file – pronounced Gif -
which means graphic image format – and is an older format created by
the information service Compuserve way back in 1987, or 2. .jpg – pronounced
Jaypeg - which means Joint Photographic Experts
Group, a newer format which has become the standard on the web. These are
straight picture image formats, meaning there’s no programming code in
the images; just compressed graphics. These image files have always been
considered as safe files. The
current Microsoft security problem is that hackers have discovered a way of
using the older Windows metafile graphic images on hacker websites so that
when you just view their webpage, those graphic images will
download to your computer, and then theoretically a hacker could take control
of your computer. This is
because a Windows metafile – although it is a graphic image –
actually contains programming code also – and this is the vulnerability
that hackers have discovered and exploited. Theoretically, once it’s on
your computer, they have a way of taking control of your computer. Let me
give you a practical example of how all this works, and I will make the
assumption that you are using some version of Microsoft’s internet
explorer for your web browser. Click on
Tools – Internet options – and under the Temporary Internet Files
section – click Delete files – and on the popup menu Click the
box for Delete all offline content – then click ok – then click
ok again to close this tool box menu. Now go to
the kpbx website – kpbx.org When you
are there at the kpbx screen, again Click on Tools – Internet options
– but this time under the Temporary Internet Files section –
click Settings – and then click View Files – and you will see
that just by going to the KPBX main page – about 2 dozen files have
been downloaded to your computer, as temporary internet files, and most of
them are graphic gif files.
Just click on the X’s in the top
right corner of these windows to close them all. This is just
the way the internet works. What you see on your screen,
gets downloaded to your computer. All websites work this way. So if you had
happened to go to a hacker website, you might have downloaded a windows
metafile graphics image, and your computer might now be vulnerable to hacker
attack. To
protect yourself, be sure your computer is set for
automatic updates. You can also go directly to the Microsoft website and download what they
are now calling the January Security updates. There’s also a lot of
information on safe internet browsing you can read. So
remember, what you see on the internet, gets
downloaded to your computer, and you can also be tracked on the internet.
Protect yourself and practice safe computing. For Raw Bytes This is Frank Delaney (C) 2005 MTA Micro
Technology Associates http://www.mtamicro.com/kpbx.html PO Box 31522 Spokane, Wa 99223-1522 (509)624-7230 |
|
