Welcome to the Virus Encyclopedia of Panda Security.
It is a detection for specially crafted ANI files that attempt to exploit the vulnerability in the Cursor and Icon Format Handling.
|First detected on:||Dec. 30, 2004|
|Detection updated on:||Nov. 8, 2007|
|Yes, using TruPrevent Technologies
LoadImage is a detection for specially crafted ANI files that attempt to exploit the vulnerability in the Cursor and Icon Format Handling, described in the Microsoft security bulletin MS05-002.
This vulnerability allows to remotely execute any piece of code on the affected computer, with the same rights as the user who opens the image or views it through the preview pane in web style folders.
If this user had administrator rights, the risk level rises, as the malicious code could carry out the same actions as the system administrator: install programs, delete or modify files, etc.
If your Panda solution detects LoadImage, it does not necessarily mean that your computer is vulnerable to LoadImage. It warns the user of the presence of a malicious ANI file.
If you have a Windows 2003/XP/2000/NT/Me/98 computer, it is very recommendable to visit Microsoft's official website and download and install the security patch for the Cursor and Icon Format Handling vulnerability.
LoadImage is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.