can you get viruses from any file?

[Phonedog911]

i was in my programming class today and somebody opened up a .jpg file and the teacher went off. she said that you can get infected by a virus by opening any file and that viruses attatch themselves to any files they come into contact with. a couple of the kids argured with the teach on this, but she seemed pretty sure and said some stuff about how many years she'd been working in IT and that was the end of the discussion.

i had thought it was only executable files. and that you could only get infected from a normal file the file had something like a macro in it(like those old ones that exploited ms office) and you opened it with a program that could execute that macro... is it possible for a file, like a jpg, to have a viurs or worm hidden in it, like fused with the file, or would there have to be some kind of executable in the same folder with the jpg and that executable would be run by the macro when you open the jpg. and do viruses attatch themselves to all files or just executables?

[Spyder32]

No doubt. You most like FIND viruses inside of a .jpg file because it's harder to detect and/or wouldn't be thought of as containing a virus. Their are specific binding applications out there designed to bind two files together, specifically a .jpg and a .exe. Hope that provided some insight for you.

[nihil]

Your teacher was correct insofar as there is no such thing as a "safe" file.............

Other than that, she is wrong by being too generalistic. Specific viruses will attack specific file types.

Also they may attach (append or prepend), insert, or overwrite.

If you convert a file such that it can be opened with a programming text editor, you should be safe.

Also, have a file(executable) monitor and a registry protector.

[Timmy77]

I suspect the concern behind JPGs has been the recent number of exploits in systems that actually read the JPG. Using this exploit, if your system isn't patched, code can be embedded in the JPG and infect your system when you open the file.

[Soda_Popinsky]

Their are specific binding applications out there designed to bind two files together, specifically a .jpg and a .exe.

I would really like to see a "specific" example of that. If I'm not mistaken, the jpeg would have to exploit it's renderer to run any code... Therefore "binding" a jpeg and a exe is unrealistic unless it exploits a vulnerability like the GDI overflow.

Here's another guy that claimed that was possible.
http://www.antionline.com/showthread...r=1#post737654

My bottom line: Not all files are executable, but they can be in insecure circumstances (i.e. rendering overflows), which gives every file the potential to be dangerous.

edit: I can see a .exe opening a .jpeg to make it look like it had the .jpeg extention, but not a .jpg running as an .exe.

virus.jpg.exe = possible
virus.jpg = not possible w/o certain circumstances.

[Phonedog911]

i've heard of binding two executables together, like a trojan and some other program, but not a jpg file... could it be possible to bind the virus to a file then, use an exploit in the program that's expected to open the file to execute the virus? also, what about java? couldnt java be used to put viruses on ur system via a webpage or are most browsers pretty secure against that?

[Soda_Popinsky]

Originally posted here by Phonedog911
i've heard of binding two executables together, like a trojan and some other program, but not a jpg file... could it be possible to bind the virus to a file then, use an exploit in the program that's expected to open the file to execute the virus? also, what about java? couldnt java be used to put viruses on ur system via a webpage or are most browsers pretty secure against that?

Exe + malicious exe is possible
Malicious code in a jpeg has been done before, check out the GDI vulnerability, it's very recent. Java works in a "sandbox" so it doesn't have access to things that would allow it to be malicious unless it exploited the java runtime enviroment.

[FanacooL]

Quite a long time ago i received an email...... in the contents there was text written in color and when u move ur pointer over the text the color changes to something else. Now after doing my work when i restart the system things have changed lots of exe files extensions were changed..... wht i think that mail contain was a trigger or something like that...... anyway the reason telling this story is to let u know that there are other ways of infecting system rather than just .exe files.

[Phonedog911]

yeah, thats wut i was talking about with the macro trojans. there used to be exploits in ms office that would allow people to copy files and execute malicious code on ur system. macros are how they made the text and stuff change colors, i guess the color changing was a front for copying wierd viruses all over ur system

also, i had heard somewhere that all those warez sites out there were fronts for launching attacks. apparently the site owners get exploits, etc. rewritten in java and whenever somebody visits the site they run the exploit locally on their system, this way they cant trace who's really doing it if there are a lot of ppl visiting the site

[Soda_Popinsky]

also, i had heard somewhere that all those warez sites out there were fronts for launching attacks.

Typically, any site containing shady content will most likely exploit you somehow, and can get away with it pretty easily. Let's pretend Mr. Whitecollar goes to a porn site. The porn site exploits activex and installs adware. What can Mr. Whitecollar do about it?

Possibly nothing short of a reformat. The reason the porn site is protected is because Mr. Whitecollar doesn't want anyone to suspect him of looking at porn, so he can't retaliate with a lawsuit or whatever. Us educated folks, however, know that this can happen in email or anywhere else and getting malware does not necessarily mean the user was looking at porn.
Although it is a very common reason.

Bottom line: shady sites shouldn't be trusted... Just like shady people.