Jun 16, 2007, 12:22 am   #11
Jack
formerly Isherwood
Quote:
The only way they can get into your computer to take it over for their usages is when you open e-mails or P.M.s (etc.)
That hasn't been the only way for a while. Exploits have been found embedded in JPEGs, PDFs and audio files, as well as the ever-popular buffer overflows and scripts.
Quote:
This past December, a new family of worms was discovered. The family, Santy, attacked Web applications written in the PHP scripting language. Santy is interesting for two reasons: First, its worms used Web search engines to locate likely targets; second, a Santy variant exploited a generic flaw in PHP applications, rather than a specific vulnerability.
2005 Worm Propagation and Generic Attacks

Quote:
Other worms can use multiple methods of spreading. The MyDoom worm, which started spreading in January 2004, attempted to copy infected files into the folder used by Kazaa, a file-sharing program. The Nimda worm, from September 2001, was a hybrid that had four different ways of spreading.
CBC News In Depth: Internet

Quote:
Another common way for a virus or spyware to spread is by piggybacking on other software that you download. If you just can't resist the latest toolbar, file-sharing gizmo, coupon dispenser or email enhancer, you may be at risk. Often these and other downloads come with malware, free of charge.
How Does a Virus Spread?

Quote:
Several new Adobe pdf vulnerabilities were recently announced.
The author claims these are basic vulnerabilities in the PDF API or architecture. The author tested his PoCs against Acrobat Reader and Adobe Professional.

The details are available here.
Hacker Anthology - Operation n
Hacker Discovers Adobe PDF Back Doors

Here is a quick risk assessment.

How widely deployed is the application?
Adobe reader is widely used and deployed. (9)

Are vendor patches available?
No patches are currently available. (10)

Is mitigation available and if so how complete is the mitigation?
No mitigation is currently available. (10)

Is user participation required?
Yes. The user first has to download or click the link to a PDF. (5)
So some user interaction takes place.
I have not tested the PoCs, but several people have, and their results do not match. Depending on who tested it, you may have to click Allow.
See this discussion on who tested the PoCs and their results.
Network Security: Detailed info on Re: [Full-disclosure] Backdooring PDF Files

Is the vulnerability cross-platform?
Yes. Any exploits will still have to run system-dependent malware on the end host, but there are plenty of malware binaries that could be used. (8)

Are proofs of concept or exploit code available?
The PoCs for two of the vulnerabilities are publicly available. (10)
SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

Quote:
The first example of a working program designed to exploit a bug in Microsoft's GDI+ library—which allows malicious code to be run simply by viewing a JPEG image—has been found in the wild.

EasyNews, a provider of Usenet newsgroup services, claimed it had already found two images containing code designed to take advantage of the flaw—by downloading remote control software to infected machines. In theory, this would give the creators of the images access to both files on infected machines, as well as giving them the ability to run remote programs on them.
2004 Windows JPEG Exploit Ventures into the Wild