Security firms warn of zero-day Vista and IE7 exploit
There is a new zero-day exploit floating around that could allow attackers to take complete control of a users PC. Microsoft has acknowledged the flaw in Windows animated cursor which allows developers to display small animations around the mouse pointer.
It is stated in the advisory that the attackers might hide other types of file extensions within the animation allowing the attacker to execute code on the affected system. The attacker could create a specific type of web page for his purposes, send an email with a link in it and when a user clicks on the link, the vulnerability is exploited.
Versions of Windows affected by this include up to date copies of Windows 2000, XP, Server 2003 and Vista. Windows XP SP2 is also vulnerable whether running IE6 or IE7.
Here’s the gray area. IE7 on Vista in its default “protected mode†will automatically protect users from this kind of attack. Protected mode can also be turned off which would make Vista just as vulnerable to this attack. Our advice is to leave protected mode on or turn it back on if you turned it off.
Alternate browsers such as Firefox or Opera are not affected by this flaw. Microsoft is monitoring the situation but does not consider this to be a serious threat; saying “very limited†attacks have taken place.
Simply dragging a malicious .ani file to the Vista desktop pushed it over the edge of insanity causing a “crash restart loop†which can be viewed here. The next update cycle for Microsoft products is April 10th in which a security patch for this flaw is planned, until then we advise users to not open unsolicited email or spam and only visit websites you trust (McAfee SiteAdvisor can help you out with that).
Related Posts:
March 30th, 2007
[...] Full article here: Source [...]
April 2nd, 2007
[...] By now you might have heard of the animated cursor flaw within Windows that among other things can cause your PC to crash if you download a specifically made .ani file. ANI files are animated cursor files which can be downloaded or used by websites to display different styles of cursors or small animations around the mouse pointer. [...]
April 24th, 2007
[...] This exploit is almost as serious as the ANI bug that plagued Windows a while back, which has been patched but the batch is unstable on some systems either due to varying hardware or software configurations, I’m not sure which. [...]
April 25th, 2007
[...] Vista is a pretty secure operating system, perhaps not as secure as Linux or OSX simply because those operating systems have almost no exploits but for Windows, Vista is as secure as it gets and I mean that in a good way. You may remember the ANI flaw that affected all versions of Windows including Vista, well; the ANI flaw didn’t do exactly what it was supposed to do because of Vista’s security features though it did cause problems. Vista is safe for now says Computer World. [...]
May 1st, 2007
[...] Take the SDL review process with a grain of salt; you may remember the ANI cursor flaw that was present in all versions of Windows from 2000 right up to Vista and Vista was put through the SDL process as well. How a seven year old flaw made it into a modern operating system is anybody’s guess, I just think someone wasn’t doing their job. [...]
February 16th, 2008
Encodex Technologies becomes a leading provider of Microsoft .Net 2.0 and Office SharePoint 2007 Sol…
Portland, OR — June 28, 2007 – Encodex Technologies – Microsoft Gold partner, an Offshore Software Development and Outsourcing Information Technology Company, added solid engineering expertise on latest Microsoft platforms. The most recent quarter…