JorgeIvan Posted April 3, 2007 Share Posted April 3, 2007 Microsoft is to issue an out-of-cycle patch tomorrow for a flaw it revealed last week concerning how Windows treats animated cursor files. The vulnerability occurs in Windows Vista, Windows 2000 SP4, Windows XP SP2 and some versions of Windows Server 2003. It can be exploited via email and via websites running the malicious code. Attacks based on the flaw have risen sharply since its discovery last week. Microsoft had planned to release the patch as part of its monthly update due on 10 April, but the increase in exploits has prompted the firm to release the patch a week early. Christopher Budd, a security programme manager at Microsoft, said on the company's Security Response Centre Blog: "Over this weekend attacks against this vulnerability have increased somewhat." "Due to the increased risk to customers, we were able to expedite our testing to ensure an update for broad distribution sooner than 10 April." Microsoft claimed that the attacks and customer impact are "limited", but is encouraging users to download the patch as soon as it is made available. Two unofficial patches have already been released to fix the bug, one from eEye Digital Security and one from the Zeroday Emergency Response Team. Microsoft said that it is working with law enforcement officers to track down attackers. http://www.vnunet.com/vnunet/news/2186975/...rushes-animated Link to comment Share on other sites More sharing options...
Tantawi Posted April 3, 2007 Share Posted April 3, 2007 Just installed it from Windows Update on Windows Vista (Y). And it required a reboot. http://support.microsoft.com/kb/925902 Link to comment Share on other sites More sharing options...
Joe User 99 Posted April 3, 2007 Share Posted April 3, 2007 It's already here. Microsoft Security Bulletin MS07-017 Vulnerabilities in GDI Could Allow Remote Code Execution (925902) Direct Download Links: Windows 2000 SP4 Windows XP SP2 Windows XP X64 Windows Server 2003 Windows Server 2003 Itanium Windows Server 2003 X64 Windows Vista Windows Vista X64 Link to comment Share on other sites More sharing options...
leesmithg Posted April 3, 2007 Share Posted April 3, 2007 Just installed it from Windows Update on Windows Vista (Y). And it required a reboot.http://support.microsoft.com/kb/925902 True, got it an hour ago, wish they would go back to releasing updates as they're ready, so we are protected quicker, seems pointless sometimes having automatic updates set as standard. Mine was XP Pro only update available can't remember it's KB number. Link to comment Share on other sites More sharing options...
trashpickinman Posted April 3, 2007 Share Posted April 3, 2007 I just got above patch for XP SP2 on WU. Link to comment Share on other sites More sharing options...
entropyx Posted April 3, 2007 Share Posted April 3, 2007 So even with UAC and all that stuff, Vista is STILL vulnerable? Link to comment Share on other sites More sharing options...
ahhell Posted April 3, 2007 Share Posted April 3, 2007 Most AV apps pick up this "virus". McAfee, at worked, picked it up. Zert has a test site to check and see if your browser is vulnerable. http://zert.isotf.org/advisories/zert-2007-01.htm NOTE: This doesn't seem to affect Firefox. Link to comment Share on other sites More sharing options...
John S. Veteran Posted April 3, 2007 Veteran Share Posted April 3, 2007 So this must be why they killed our Internet access at work company-wide last week. Link to comment Share on other sites More sharing options...
Nicholas-c Veteran Posted April 3, 2007 Veteran Share Posted April 3, 2007 oh? why would an animated cursor cause security treats, im downloading a update for vista thats "imporant" and was released today this is it i guess :p Link to comment Share on other sites More sharing options...
Tantawi Posted April 3, 2007 Share Posted April 3, 2007 Most AV apps pick up this "virus". McAfee, at worked, picked it up.Zert has a test site to check and see if your browser is vulnerable. http://zert.isotf.org/advisories/zert-2007-01.htm NOTE: This doesn't seem to affect Firefox. NOD32 picked it up from the test page too (Y). Link to comment Share on other sites More sharing options...
b0m8er Posted April 3, 2007 Share Posted April 3, 2007 yup, it's here, installing this fix right now! thanks! Link to comment Share on other sites More sharing options...
jmc777 Posted April 3, 2007 Share Posted April 3, 2007 So even with UAC and all that stuff, Vista is STILL vulnerable? One of the articles in the original post says... Only users running Windows Vista and Internet Explorer 7 in protected mode appear to be safe, according to Microsoft.In protected mode, no file is allowed to access or modify any system files without user permission. Link to comment Share on other sites More sharing options...
entropyx Posted April 3, 2007 Share Posted April 3, 2007 Sounds like a COMBO thing. Vista AND IE7 in protected mode. Is IE7 in protected mode by default on Vista? If that were the case that Vista alone was unable to be harmed by it, why would they release a patch for Vista? Link to comment Share on other sites More sharing options...
User6060 Posted April 3, 2007 Share Posted April 3, 2007 Sounds like a COMBO thing. Vista AND IE7 in protected mode. Is IE7 in protected mode by default on Vista?If that were the case that Vista alone was unable to be harmed by it, why would they release a patch for Vista? Yes UAC and IE7 protected mode (needs UAC enabled) are default, so most Vista users were immune to this threat. UAC is already holding its worth. Why I have it on and I'm a pretty knowledgeable computer user. Link to comment Share on other sites More sharing options...
zeroday Posted April 3, 2007 Share Posted April 3, 2007 Installed the zert patch earlier today. Looks like I didnt need to. Link to comment Share on other sites More sharing options...
xendrome Posted April 3, 2007 Share Posted April 3, 2007 Sounds like a COMBO thing. Vista AND IE7 in protected mode. Is IE7 in protected mode by default on Vista?If that were the case that Vista alone was unable to be harmed by it, why would they release a patch for Vista? Because not everyone is running in protected mode.. some corporate/business apps have issues. And they need to fix the bug... damned if they do, damned if they don't! Link to comment Share on other sites More sharing options...
obsolete_power Posted April 6, 2007 Share Posted April 6, 2007 This patch killed my WMP. Everytime I try and open it, it stops responding! I uninstalled the patch, didn't help. System restore didn't help either. Is anyone else experiencing this issue? I heard many people are having trouble with this patch. Link to comment Share on other sites More sharing options...
Recommended Posts