[Split & Re-titled] Possible security vulnerability with IrfanView?

Discussion in 'other security issues & news' started by Little Guy, Jul 4, 2006.

Thread Status:
Not open for further replies.
  1. Little Guy

    Little Guy Registered Member

    Joined:
    Jul 4, 2006
    Posts:
    3
    I'm a new member, and may be posting this to a wrong thread. I'm concerned re a possible security vulnerability with IrfanView.

    In my one computer, I have two user-accounts--one administrator and one limited. I use the limited account on the Internet whenever possible, so that if a virus should ever get past my McAfee Virus Scan, it won't infect any administrative settings. Today, while using IrfanView to modify some images, with the usual great results, I noticed, upon opening the program from the limited user account, that it was able to access all documents and settings--apparently everything--in the administrative user account. My concern is that a virus might potentially use IrfanView to infect all administrative files, folders and settings, even if I'm surfing the web from the limited account.

    Is it possible to re-configure IrfanView 3.98 to only exist and operate from the administrator user account? If not, could I uninstall it, and re-download it for the administrator only? Are my concerns valid, or is there really no such danger?
     
  2. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Re: Operaget shown to have pcdetective systemmonitor

    Yes, and the easiest method is to change the file permissions so that only the Administrator has Execute access (right-click on the file, select Properties/Security and adjust the permissions there).

    For Administrator settings, you can block access to the folder by other users by setting its Read permission to Deny for all other user groups - don't apply this to "Authenicated Users" though, since this will affect Admin also! Also take care with setting permissions since if you block too much, you may prevent other users from being able to login at all.
    IrfanView would be a very strange choice for an attacker to use - it is only present on a few systems and has no Internet-related functionality. Basically it is possible but not feasible - viruses modify files directly rather than relying on other programs. File-modifying viruses are not a big problem now though - the dangers most people will encounter are adware/spyware/trojans, either loaded on their system via an Internet Explorer exploit (using another browser like Firefox and Opera can do a great deal to avoid problems here) or downloaded from an anonymous source like P2P, IRC, Usenet or warez sites - the key here is being careful what you download.
     
  3. Little Guy

    Little Guy Registered Member

    Joined:
    Jul 4, 2006
    Posts:
    3
    Thank you, Paranoid2000! Very helpful!
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    If you're really afraid, you can use JPEG Cleaner (I think I got it right) to purge jpegs off any extra code. Or run IrfanView with DropMyRights.
    Mrk
     
  5. Little Guy

    Little Guy Registered Member

    Joined:
    Jul 4, 2006
    Posts:
    3
    Thank you, Mrk. I'll look into the programs you suggested. I had e-mailed Irfan Skiljan himself, but then posted to this forum, not believing he would answer me. He did--and advised me exactly as did Paranoid2000 re changing the file permissions. I also found Paranoid's comment that "the dangers most people will encounter are adware/spyware/trojans" particularly apropos, since the spell-check in my Microsoft Works Word Processor suddenly stopped working at all. I’d been reading about the recent Windows update "Genuine Advantage" which many feel amounts to spy ware, discussed on Windows Secrets.com. So I used System Restore to roll my settings back to just before I had downloaded it, and now my spell-check works again. I see from the thread "Microsoft's antipiracy tool phones home daily" you're already hip to this one.
     
    Last edited: Jul 11, 2006
Loading...
Thread Status:
Not open for further replies.