- Related Stories
-
Vista for the masses
April 4, 2007 -
Symantec sizes up security in Windows Vista
February 28, 2007 -
Super Bowl stadium site packed Trojan horse
February 2, 2007 -
Cybercrooks add Windows flaw to arsenal
September 30, 2006 -
Microsoft tags IE 7 'high priority' update
July 26, 2006
The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.
An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.
"Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code," Microsoft said in its advisory.
Such holes are often exploited by cybercrooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged Web site or hacking a trusted site. The Web site for the Super Bowl stadium suffered a recent example of a drive-by attack.
Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," the security company said in the alert.
Other security experts also raised an alarm. "I expect attackers will pick up on this as soon as they figure out how to, we'll very shortly see the usual suspects using it," said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. "The sample site is already offline; this could be a prelude to a bigger attack."
Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.
The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.
See more CNET content tagged:
attacker,
cyberattack,
vulnerability,
Windows PC,
attack





systems.
Otherwise I might be worried that my computer could be hijacked
and used as a spambot.
Or my identity could my stolen.
But then again, I use Apple OS X to avoid these problems.
Therefore, only the temporary folder and any open tabs (if the exploit even goes that far) is succeptable.
And the fact that they try to sell you optional security software (OneCare) should tell you just how secure they think it is.
I wouldn't be at all surprised if a closer look at how other OSes and applications handle cursors could lead to more vulnerabilities being discovered?
http://news.com.com/Apple+megapatch+plugs+45+security+holes/2100-1002_3-6166971.html
Meanwhile, I can move my mouse cursor anywhere I want to here on OSX w/o fear of infection... BWAHAHAHAHAHAHA!
/P
(such news has gotta be humiliating, even for Windows).
/P
Robert
Hacker heaven here I come...
Right back where I started from...
Na na na na na na na, na na na na na
The cheaper Basic and Home Premium versions would then be vulnerable, but the enterprise oriented Business and Premium versions would not be.
The article should have pointed that out, but too often CNet articles are too brief. Space or time constraints perhaps?
But IE7 protects you from such exploit PER Microsoft.
So now, that only leaves one question to be answered... (* ROFLOL *)
Who do you beleve? CNet and those who expoited the code or Microsoft... (* CHUCKLE *)
FWIW
already exploited system any day, thankyouverymuch.
asked, "How's that mega patch doing[?]" My Mac got hijacked by
animated cursor demons. Either that, or I clicked the wrong reply
link.
- So much for Vista's "new" security design?
-
by rocwoof
April 7, 2007 6:48 AM PDT
- I have not followed Vista too closely (my "upgrade" from XP is Linux), but as part of my effort to keep up with desktop computing in general (friends/family always asking for help/advice ;-), it was my understanding that Vista was supposed to have been developed from the ground up with a new security model. Since this exploit affects all versions from Windows 2000 and up, it seems at least some parts are "legacy" code with it attendant inherited vulnerabilities.
-
Reply to this comment
-
(27 Comments)Marketspeak strikes again :-{