Microsoft Monitor is demistifying the JPEG security flaw FUD going on …
The news media ruckus over the JPEG security flaw really has me steamed. Microsoft is front and center taking blame for the flaw, while sites like CNET News.com raise loads of fear, uncertainty and doubt that can only be destructive.
Firstly, the problem affects more than just Microsoft software, so the company shouldn’t be so singled out. Secondly, infection would typically (but not always) require several user steps, which diminishes the threat impact. Finally, antivirus vendors could add JPEG file extensions (there are about 10) as part of a routine software update and so scan for viruses embedded in images; problem with that could be impact on system performance if every Web page image is scanned. ….
[Read on Microsoft Monitor]