Network traffic from www.unknownworlds.com/forums/uploads/av-8010.gif</ matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE..
Yeah I have Norton and I have been using the same file for over ten years now, so it could have just been something I looked at a while ago and Norton picked it up again.
A GIF file by itself is harmless unless there's an issue with the file decoding which allows a buffer overflow to run unauthorised code.
Microsoft did manage to screw this up quite a while ago, and it was patched, but I thought it was JPG they made a mess of...
It may be "technically" infected, but if this targetted the old unpatched version of IE, it's probably safe now, and it's just been flagged for historic reasons.
The more I read, the more I like linux on my laptop :-p
Microsoft, it seems, have either been *GROSSLY* careless, or these "exploits" were intentional in my opinion...
We always knew there were backdoors into Windows, and I suppose widely used image formats could be the best way to get in to as many machines as possible...
Comments
Action taken: No action Required
Attacking Computer: www.unkbownworlds.com (67.18.238.10, 80)
attacker URL: www.unknownworlds.com/forums/uploads/av-8010.gif
Destination Address: my computer
Source address: 67.18.238.10 (67.18.238.10)
Traffic Description: TCP, www-http
Network traffic from www.unknownworlds.com/forums/uploads/av-8010.gif</ matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE..
--It could be a false positive though as I don't have this issue for example using Avast+Chrome...
Hmm just scanned that file... Avast says the following:
Severity: High
Status: Threat: HTML:Iframe-inf
Microsoft did manage to screw this up quite a while ago, and it was patched, but I thought it was JPG they made a mess of...
It may be "technically" infected, but if this targetted the old unpatched version of IE, it's probably safe now, and it's just been flagged for historic reasons.
<a href="http://virusscan.jotti.org/en/scanresult/73838f7293c9b850b11afb9acab9ecf99f459bee" target="_blank">http://virusscan.jotti.org/en/scanresult/7...ab9ecf99f459bee</a>
<a href="http://technet.microsoft.com/en-us/security/bulletin/ms04-028" target="_blank">http://technet.microsoft.com/en-us/securit...lletin/ms04-028</a>
Microsoft, it seems, have either been *GROSSLY* careless, or these "exploits" were intentional in my opinion...
We always knew there were backdoors into Windows, and I suppose widely used image formats could be the best way to get in to as many machines as possible...
<a href="http://tools.cisco.com/security/center/viewAlert.x?alertId=16580" target="_blank">http://tools.cisco.com/security/center/vie...x?alertId=16580</a>
<a href="http://www.checkpoint.com/defense/advisories/public/announcement/ms-image-vulnerability.html" target="_blank">http://www.checkpoint.com/defense/advisori...nerability.html</a>