Prediction: Old School Exploits for Image Formats Will Come Back

August 24, 2017

Exploits for Image File Formats Will Come Back

Apple has announced a brand-new image format that will be available in iOS 11. It is called HEIF (High Efficiency Image Format) and is designed to be a high-compression format used for burst photographs to replace JPG. Apple’s primary goal in introducing this new format is to save space on mobile devices, but there is a risk with this concept.

Ask yourself when a new image format was last released. We have standardized on JPG, PNG, TIFF, BMP and other formats. It literally has been years since a new format has been released. During this span, utilities, operating systems, and photo programs have systematically closed vulnerabilities in all of these formats, making them a moot point as a vector for exploitation. There has not been a new widespread exploit on these formats in a very long time.

What is the Impact?

With the creation of a new format that is expected to be widely used, everyone will need to update their operating systems, mobile devices, utilities, photo programs, and even the preview services used in cloud storage to view the images. The chance of any manufacturer making a mistake in the code that opens and processes these images is real – thus it is likely we will see a new round of vulnerabilities and image exploits against individual applications (and potentially the operating system itself) simply because there is a new file format to process.

While some of my peers may balk at this prediction, it will only take one critical vulnerability to make it come true. Any time we make a change of this magnitude, there is risk. The file format will be standardized by Apple, but it will be up to everyone else to provide compatibility for the new format. Coding mistakes – from buffer overflows to image rendering exploits – will prove whether we should consider the security ramifications any time we introduce a new file format and standard that will be used almost everywhere.

How to Prepare

There is a small shimmer of light in this prediction. BeyondTrust’s Retina vulnerability management solutions will be updated with any audits necessary to identify vulnerable applications that require remediation. In addition, PowerBroker privileged access management can provide application control (via allow listing, block listing and grey listing) to isolate identified vulnerable applications through patented Vulnerability Based Application Management (VBAM).

While I truly hope this prediction only sees minimal success, I must stress to all organizations that plan to use this new format that an old school risk may reappear and we should be prepared and continue to be vigilant.

Contact us today if you need to perform a vulnerability assessment in your environment.

Morey J. Haber

Chief Technology Officer and Chief Information Security Officer at BeyondTrust

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
