To my good buddies at Declude :) (ok, you made me very happy twice
yesterday)
I understand that SKIPEXT JPG would cause files with JPG extensions to
not be scanned with the virus scanners, but would that also disable the
JPG/GDI+ Vulnerability detection?
Many of us stopped skipping JPG's and
Me three, as I have the same configuration.
For what it's worth, I have seen this exploit blocked on our web proxy
server many times, but I've only seen it a few times in email; each of
those times, the .jpg was not contained in the message, it was dropped
from inside a compressed executable, or
Thanks David. I suppose we should check to make absolutely sure
though. Does anyone have a GDI+ Exploit that they can send me off-list
that isn't zipped, or a link to a test sender? I did some searching and
didn't find one. If others want to test and share their results, that
would also be
Short answer:
MSFT GDIPlus.DLL Vulnerability detection will run with our without SKIPEXT.
Long Answer:
The GDI vulnerability was added to Declude in version 1.8 -September 2004-
and some corrections were added in version 1.81.
http://www.declude.com/Articles.asp?ID=122
This statement from