Friday, September 24, 2004

H+BEDV discovers kit, to take advantage of JPEG security gap

Tettnang, 24 September 2004 – The antivirus specialists from the premises H+BEDV Datentechnik have discovered the first kit to create JPEG files with an integrated Exploit-Code.

This kit is technically named “construction kit”. Only very little knowledge is required for the „Script Kiddies“ to create such JPEG files with the help of this kit.

The user simply needs to enter the file to be downloaded into a field and clicks on the button „Make“ – and the JPEG-file is concluded that integrates the Exploit-Code.

If such a manipulated picture is received in an email or exchanged in an Internet page, the embedded file is dowloaded immediately and executed immediately.

The experts of the AntiVir-virus lab H+BEDV Datentechnik categorize the security risk as “high“, as there could reside a Trojan, worm or other harmful files behind the downloaded file. Furthermore, a great amount of PCs are not equipped with a updated security patch. They urgently recommend to bring in an updated security patch “MS04-028”.

AntiVir is able to recognize JPEG files with the current version, which take advantage of this security gap. Although H+BEDV has never before secured such files in the wild before, its first emergence is only a matter of time.

About H+BEDV Datentechnik

The enterprise H+BEDV Datentechnik GmbH has been specialized in the development of system comprehensive business security solutions since 1988. Leading national and international companies count to the customers in the profit and non profit area, diverse education institutes so as public orderers.

The central objective of H+BEDV Datentechnik GmbH is the constant elimination of security gaps in the area of company critical applications and the securing of the added value fields.

Besides a comprehensive product portfolio in the MS-Windows environment, the company takes in a technologic leading position in the growth market in the Linux operating systems. Already today H+BEDV Datentechnik GmbH offers high-performance solutions for file servers, web servers and mail servers so as workstations.

The AntiVir scanner has been awarded with the VB-100-Prozent-Award in 2004 several times and, furthermore, has a current certificate of the TÜV (Association for Technical Inspection).

H+BEDV Datentechnik GmbH disposes of a dense distributional net with numerous resellers in Europe and outside Europe so as independent distribution channels. Furthermore, the company works close together with the Federal Office for IT Security.

Further information regarding H+BEDV Datentechnik GmbH and AntiVir can be attained from: www.hbedv.com

Press contact

For further information and format material and picture material please contact:
H+BEDV Datentechnik GmbH
Karin Klösges
Lindauer Strasse 21
D-88069 Tettnang
Tel.: +49 (0) 7542 – 500 0
Fax: +49 (0) 7542 – 525 10
Email: presse@antivir.de
www.hbedv.com

onpact AG
Olaf Mürköster
Forstenrieder Allee 194
81476 München
Tel.: +49 (0) 89 - 759003-123
Fax: +49 (0) 89 - 759003-10
Email: muerkoester@onpact.de
www.onpact.de

About Avira

Avira protects people in the connected world – enabling everyone to manage, secure, and improve their digital lives. The Avira umbrella covers a portfolio of security and performance applications for Windows, Android, Mac, and iOS. In addition, the reach of our protective technologies extends through OEM partnerships. Our security solutions consistently achieve best-in-class results in independent tests for detection, performance, and usability. Avira is a privately-owned company that employs 500 people. Its headquarters are near Lake Constance, in Tettnang, Germany, and the company has additional offices in Romania, India, Singapore, China, Japan & the United States. A portion of Avira's sales support the Auerbach Foundation, which assists education, children, and families in need. For more information about Avira visit www.avira.com.