• On MP3.com: Free music videos

March 29, 2007 12:14 PM PDT

Cursor hole puts Windows PCs at risk

A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday.

The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.

An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.

"Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code," Microsoft said in its advisory.

Such holes are often exploited by cybercrooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged Web site or hacking a trusted site. The Web site for the Super Bowl stadium suffered a recent example of a drive-by attack.

Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," the security company said in the alert.

Other security experts also raised an alarm. "I expect attackers will pick up on this as soon as they figure out how to, we'll very shortly see the usual suspects using it," said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. "The sample site is already offline; this could be a prelude to a bigger attack."

Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.

The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.

See more CNET content tagged:
attacker, cyberattack, cursor, vulnerability, Microsoft Internet Explorer 7

Add a Comment (Log in or register) 27 comments (Showing first 20 comments)
News Flash
by befuddledms March 29, 2007 12:48 PM PDT
It was reported today that all Windows PCs have a vulnerability that can allow a malicious user to take over that PC. The vulnerability is enabled by turning on the PC....
Reply to this comment
The most SECURE Operating System!!!
by WO Dood March 29, 2007 12:49 PM PDT
Thank God Microsoft Vista is more secure than my Apple Mac OS X
systems.

Otherwise I might be worried that my computer could be hijacked
and used as a spambot.

Or my identity could my stolen.

But then again, I use Apple OS X to avoid these problems.
Reply to this comment View all 3 replies
Just as vulnerable
by nelzp0929 March 29, 2007 1:18 PM PDT
You're living in a dream world. How's that mega patch doing.

http://news.com.com/Apple+megapatch+plugs+45+security+holes/2100-1002_3-6166971.html
Reply to this comment View reply
the usual suspects
by n3td3v March 29, 2007 1:20 PM PDT
the usual suspects, ah, right. like cnet readers know what you mean by that... cheers, thanks, yours, n3td3v.
Reply to this comment
Welcome to Windows...
by Penguinisto March 29, 2007 1:53 PM PDT
...where even your freakin' MOUSE CURSOR can get you r machine compromised...

(such news has gotta be humiliating, even for Windows).

/P
Reply to this comment
Is Microsoft so far gone...
by Heebee Jeebies March 29, 2007 4:46 PM PDT
They can't even secure something as simple and mundane as the cursor. Is this a joke or are we all the fools?

Robert
Reply to this comment View reply
10 Years Ago It Was Screensavers
by Stating March 29, 2007 9:04 PM PDT
Ten years ago the computer infection making the rounds was the .scr exploit. So here we are today and now it is cursors.

Hacker heaven here I come...
Right back where I started from...
Na na na na na na na, na na na na na
Reply to this comment
Which is it?
by WJeansonne March 29, 2007 10:19 PM PDT
You save Windows Vista is vulnerable up front in the article, but then retract the statement more or less at the end of the article by saying IE 7 protects you from it.
Reply to this comment View all 2 replies
Quite well, thanks for asking
by jimothyGator March 30, 2007 3:04 AM PDT
I'll take a patched, not exploited system over a not-yet-patched,
already exploited system any day, thankyouverymuch.
Reply to this comment View all 3 replies
So much for Vista's "new" security design?
by rocwoof April 7, 2007 6:48 AM PDT
I have not followed Vista too closely (my "upgrade" from XP is Linux), but as part of my effort to keep up with desktop computing in general (friends/family always asking for help/advice ;-), it was my understanding that Vista was supposed to have been developed from the ground up with a new security model. Since this exploit affects all versions from Windows 2000 and up, it seems at least some parts are "legacy" code with it attendant inherited vulnerabilities.

Marketspeak strikes again :-{
Reply to this comment
 See all 27 Comments >>
Powered by Jive Software
advertisement

Latest tech news headlines

Resource center from News.com sponsors
You Need The Speed of Norton 2009
Introducing Norton Internet Security™2009

Click Here!
With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

Click Here!
The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right