Malicious media - ASF scripting

Marius van Oers McAfee Avert Network Associates

Popular peer to peer transfer files like .MP3, .ASF and .JPG files are until now exempt from native malware. What so far happened is that the file content as such is of a complete different filetype so it just has a deceiving file extension to trick the user.

But this doesn't mean that media files are always guaranteed to be safe. Windows media files like .ASF (Advanced Systems Format) files can contain audio and video data but it can also contain other Binary files and it supports Scripting. This might become a possible new threat area in the future.

This paper will mainly focus on the .ASF file structure and the possible security issues related to that.

 del.icio.us  digg this! digg this

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

VB100 certification
VB100 This month's VB100 test saw some major changes and a radical overhaul of the VB100 test methodology - for the first time allowing products to use their 'cloud' look-up systems. John Hawes has all the details.
See full results.

Virus Bulletin currently has 224,242 registered users.