[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: Correction



PureBytes Links

Trading Reference Links

> John Sellers writes:
> 
> > I wrote last time that "Others may wish to open my BMP file it is
> > contaminated with virus. I can not explain what these setting mean
> > but with time maybe come to understand their significance." It
> > should have included the word "not" in front of the word
> > contaminated.
> > 
> > The attached file is safe.
> 
> Can .bmp files contain virii?  They're never executed.
> 

Well in fact they can. But this needs an additional "virus-executor".
The system works as follows: the .bmp-files gets loaded into memory.
As this is an ordinary binary file, it may contain malicious code.
The "virus-executor" can either directly start the .bmp or reset
the stack-pointer to the code and initiate a crash. Problem with
this combination is, that the virus-code gets loaded without being
checked by anti-virus-software.

Viruses with this functionality have been discussed theoretically.
Chances are good, that there is no active virus around, because
it's activation-scenario is statistically quite unlikely.

Regards,

Andreas