“There was a time when the idea of a malicious image file was absurd enough to be the topic of an April Fools joke. One early and widely-circulated hoax message dating from 1994 warned users of a computer virus infecting the comment field of JPEG files.
“It was someone saying that just looking at a JPEG on your screen can get you a virus,” recalls Rob Rosenberg, editor of the debunking site Vmyths.com. “In ’94 it was a myth, but in ’04 it’s the real thing… We’ve got the JPEG of death now.”
An attacker can potentially craft a special JPEG file to take control of a victim’s machine when the user views the image through Internet Explorer, Outlook, Word, and other programs. Windows XP, Windows Server 2003 and Office XP are vulnerable. At present Macs are not vulnerable to the virus.