Animated Cursor Vulnerability
A vulnerability in the handling of animated cursor files (.ani) has led to active exploit code circulating. This exploit code can allow a remote attacker to download and execute arbitrary code on impacted systems, running that code in the context of the logged in user. The exploit code can be delivered via malicious websites or by email. Microsoft has released a Security Advisory (935423) which discusses the vulnerability, but that advisory currently provides no real workaround to protect against exploit. In response, eEye Digital has released a free patch to serve as interim protection until Microsoft releases a patch of their own. According to eEye Digital:
The temporary patch mitigates this vulnerability by preventing cursors from being loaded outside of %SystemRoot%. This disallows websites from loading their own, potentially malicious animated icons, while causing little to no business disruption on hosts with the patch installed.
Should you decide to use the eEye Digital fix, be sure to select Option 2 during installation. Otherwise, the installer will attempt to install a complete Internet Security Suite which may be way more than you bargained for and may very likely cause conflicts with existing installed protection. You can read more about eEye's quick fix and download a free copy of it from their website.
No comments yet. Leave a Comment