Microsoft Patches Animated Cursor flaw, which affects all current versions of Windows, including Vista 2007-04-04
Microsoft yesterday issued a rare "out of cycle" patch that fixes the serious Animated Cursor vulnerability, as well as six other flaws in Windows. Attack code for the Animated Cursor flaw, which affects all current versions of Windows, including Vista, has been distributed widely across the Internet, leading to the formation of a chain of malicious Web sites and spam e-mails that, if visited, can turn full control of your PC over to attackers.
You may have noticed that your mouse's cursor looks different when you visit certain Web pages. This is the result of controls, called .ANI files, that Microsoft has included in Windows that enables programmers to customize their cursors with animations or icons, such as an hourglass or a trailing cursor. However, unbeknownst to most Windows users, Microsoft's implementation of the .ANI controls was flawed with a stack buffer overflow vulnerability, and somebody discovered how to exploit it to gain control of affected systems.
Reports of attacks first started rolling in last Wednesday. Software security firm McAfee was the first to spot the attacks, which were being executed through a network of malicious Web sites and maliciously crafted HTML e-mails that gave hackers full control over systems.
By Thursday, Microsoft had seen enough. On that day, the company first posted a security advisory confirming that it was aware of the problem and that it was working hard to develop and test a patch. While Microsoft had been a
