On TechRepublic: Who made the worst PC ever?
BNET Business Network:
BNET
TechRepublic
ZDNet
12 TalkBacks

By Joris Evers, News.com
Posted on ZDNet News: Mar 29, 2007 7:14:00 PM

A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday.

The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.

An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.

"Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code," Microsoft said in its advisory.

Such holes are often exploited by cybercrooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged Web site or hacking a trusted site. The Web site for the Super Bowl stadium suffered a recent example of a drive-by attack.

Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," the security company said in the alert.

Other security experts also raised an alarm. "I expect attackers will pick up on this as soon as they figure out how to, we'll very shortly see the usual suspects using it," said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. "The sample site is already offline; this could be a prelude to a bigger attack."

Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.

The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.

  • Talkback
  • Most Recent of 12 Talkback(s)
Philosophy
I did read your post. I suppose this is a matter of personal philosophy, but I personally believe that browsers should be sandboxed. i.e. protected mode in Vista, or most other alternative browsers. Y... (Read the rest)
Posted by: boxmonkey Posted on: 04/01/07 You are currently: Logged In | Log out
Windows or IE flaw? boxmonkey   | 03/29/07
Mostly Windows and IE lostinspace   | 03/29/07
Windows flaw PB_z   | 03/29/07
Sounds more like IE boxmonkey   | 03/29/07
Admin Account register@...   | 03/30/07
Not an IE flaw at all PB_z   | 04/01/07
Philosophy boxmonkey   | 04/01/07
Cursor hole puts Windows PCs at risk Loverock Davidson   | 03/29/07
BETTER AND BETTER!!!!!! galileon   | 03/29/07
So looks like Protected Mode works georgeou   | 03/29/07
Reality check EJHonda   | 03/30/07
"Trustworthy Computing" rpmyers1   | 03/30/07

What do you think?

advertisement
advertisement
advertisement
Click Here