Exploit for latest Windows vulnerability already animated

A vulnerability in the way Windows handles animated cursors puts users at risk of being pwnd, and several nefarious websites are already trying to exploit the flaw, according to the SANS Internet Storm Center.

The flaw is present on virtually the entire line of Windows OSes, including Vista, which has been held up as Redmond's poster child for safe computing. According to McAfee, Windows users browsing malicious sites using IE versions 6 or 7 risk having arbitrary code run on their machines. Those using Firefox are not vulnerable. Microsoft said in an advisory that it is investigating reports of the flaw.

View: The full story
News source: The Reg

Report a problem with article
Previous Story

Hacking the Apple TV

Next Story

Denmark leads the networked world

18 Comments

Commenting is disabled on this article.

What this once again hi-lites is that MS has made too many system-level APIs visible through IE, and then has all these components running with high rights.
"Those who do not understand UNIX are doomed to re-create it forever."

You know... this is getting really sad...

Neowin newsposters found it fit to post an animated cursor bug about Windows, which is a regression from SP1 to SP2 in XP too and which BTW is not a problem on Vista and IE 7.

However, when I posted something to BPN how at the day of the release of RedHat's RHEL5 there were 11 security advisories for it, I was explained how that is not news but is instead my gripe with RedHat.

Now this is for sure not all newsposters, but I tell you, it is silly.

BigBoy said,
You know... this is getting really sad...

Neowin newsposters found it fit to post an animated cursor bug about Windows, which is a regression from SP1 to SP2 in XP too and which BTW is not a problem on Vista and IE 7.

However, when I posted something to BPN how at the day of the release of RedHat's RHEL5 there were 11 security advisories for it, I was explained how that is not news but is instead my gripe with RedHat.

Now this is for sure not all newsposters, but I tell you, it is silly.

actually it is a problem in vista and IE7 also and it is not a regression, this bug is in W2K also along with SP1 of XP...

A vulnerability in the way Windows handles animated cursors puts users at risk of being pwnd
-----
sorry don't read articles with pwnd in
#3.1 Posted by Kushan on 30 Mar 2007 - 06:58
ya, srsly, wtf iz goin on ther?
-----

Although I tend to agree, it says Neowin on my screen, home of UNPROFESSIONAL journalism.

Microsoft said those using IE 7 on Vista are safe from the vulnerability because of a protected mode

Determina security research says Firefox users are vulnerable to this Windows flaw because Mozilla Firefox uses the same underlying Windows code for processing ANI files, and can be exploited similarly to Internet Explorer

On Windows XP: Firefox and IE are both at risk
On Windows Vista: Firefox is at risk but IE7 is NOT at risk :P

"Microsoft said those using IE 7 on Vista are safe..."
And if you believe that I've got some prime swampland I'd like to show you, heavily discounted, motivated seller.

Yeah but is protected mode even enabled by default or don't you have to specifically run your browser in protected mode, which nobody does?
Also, saying it's not vulnerable is one thing, it will still, from the stuff I've read, crash your browser and put it in a loop of crashing and restarting, but you won't get pwnd, something like that.
The crash prevents the exploit, etc.

hapbt said,
Yeah but is protected mode even enabled by default or don't you have to specifically run your browser in protected mode, which nobody does?

IE7 Protected Mode is enabled by default because UAC is ON by default.
By default IE7 always runs in protected mode
.
Only the stupid users which disabled the UAC are at risk
Where are all stupid users which said: "the UAC is the first thing I disable when I install Vista" ? :D
Stupid users take that ANI in your ASS!

Windows users browsing malicious sites using IE versions 6 or 7 risk having arbitrary code run on their machines. Those using Firefox are not vulnerable

So this, as someone said above, is a problem of IE rather that the OS itself. IMO Another scare tactic to get people to buy their software