An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
I always thought those animated cursors from ad, activeX and spyware ridden sites looked dodgy... here we are!
Reports are coming in that the way Windows handles custom additional animated cursor as opposed to the traditional arrow cursor can leave PCs open to attack, and by booby-trapping a website or e-mail attachment with code that exploits the flaw, malicious hackers could hijack a Windows PC.
In an alert, Sans said several security firms had seen evidence of websites being set up, hosting code that can exploit the bug. Information about it is being spread on bulletin boards malicious hackers are known to frequent.
PC users could fall victim by opening a booby-trapped attachment on an e-mail or by visiting a website that is hosting the code.
"Exploitation happens completely silently," said security firm McAfee which was one of the first to find the bug. Once installed, the exploit code could download and run any other file, warned McAfee.
Microsoft urged people to update their security software so they could get hold of signature files that spot and stop the exploit code.
Simply blocking the .ani files that denote animated cursors will not work as many attackers are renaming booby-trapped files to disguise their dangerous nature.
Microsoft said that many different versions of Windows were vulnerable to the attack. The list of potential victims includes Windows Vista, XP, 2000 and Server 2003.
With not using IE, security firms say you can stay safe So get firefox or Opera, and be wary of email attachments (as you should already) and you'll be fine
Finally, over at ZDNet Blogs... Microsoft knew of Windows .ANI flaw since December 2006 http://blogs.zdnet.com/security/?p=143
Quote:
A private security research outfit says it notified Microsoft about the animated cursor (.ani) code execution vulnerability since December 2006, a full four months ahead of yesterday’s discovery of Internet Explorer drive-by attacks.
Early on, a Windows ANI flaw made animated cursors of that file type vulnerable to a remote code execution attack. Its almost over thanks fo an early microsoft patch!
Seven other flaws, marked critical and important, also were addressed in April’s scheduled “Patch Tuesday” cycle. The fixes should have downloaded automatically, but can be applied manually from Microsoft’s Download Center.