User Control Panel
Search iVirtua
Advanced/Tag Search...
Search Users...
What is iVirtua Exclusive Community?
  • An exclusive gaming industry community targeted to, and designed for Professionals, Businesses and Students in the sectors and industries of Gaming, New Media and the Web, all closely related with it's Business and Industry.
  • A Rich content driven service including articles, contributed discussion, news, reviews, networking, downloads, and debate.
  • We strive to cater for cultural influencers, technology decision makers, early adopters and business leaders in the gaming industry.
  • A medium to share your or contribute your ideas, experiences, questions and point of view or network with other colleagues here at iVirtua Community.
Guest's Communication
Live Chat
Teamspeak (VOIP) Audio Conference
Private Messages
Check your Private Messages
Themes
Choose an iVirtua Community theme to reflect your interests...
Business Theme
India/Arabic Theme

Gaming Theme
iVirtua Recommends
Fly Emirates Advertising
Windows animated cursors contain a security flaw
Digg This Digg Topic Tag it on del.icio.us Tag topic on On del.icio.us Technorati Search Technorati Search Post to Slashdot Post to Slashdot
You are currently in Hardware, Internet, Networking, Comms and Security
Post new topic Reply to topic
Sat Mar 31, 2007 7:38 pm Reply and quote this post
I always thought those animated cursors from ad, activeX and spyware ridden sites looked dodgy... here we are!

Reports are coming in that the way Windows handles custom additional animated cursor as opposed to the traditional arrow cursor can leave PCs open to attack, and by booby-trapping a website or e-mail attachment with code that exploits the flaw, malicious hackers could hijack a Windows PC.

In an alert, Sans said several security firms had seen evidence of websites being set up, hosting code that can exploit the bug. Information about it is being spread on bulletin boards malicious hackers are known to frequent.

PC users could fall victim by opening a booby-trapped attachment on an e-mail or by visiting a website that is hosting the code.

"Exploitation happens completely silently," said security firm McAfee which was one of the first to find the bug. Once installed, the exploit code could download and run any other file, warned McAfee.

Microsoft urged people to update their security software so they could get hold of signature files that spot and stop the exploit code.

Simply blocking the .ani files that denote animated cursors will not work as many attackers are renaming booby-trapped files to disguise their dangerous nature.

Microsoft said that many different versions of Windows were vulnerable to the attack. The list of potential victims includes Windows Vista, XP, 2000 and Server 2003.


With not using IE, security firms say you can stay safe So get firefox or Opera, and be wary of email attachments (as you should already) and you'll be fine

Finally, over at ZDNet Blogs... Microsoft knew of Windows .ANI flaw since December 2006
http://blogs.zdnet.com/security/?p=143
Quote:
A private security research outfit says it notified Microsoft about the animated cursor (.ani) code execution vulnerability since December 2006, a full four months ahead of yesterday’s discovery of Internet Explorer drive-by attacks.

Contributed by Editorial Team, Executive Management Team
372659 iVirtua Loyalty Points • View ProfileSend Private MessageBack to Top

Thu Apr 12, 2007 5:18 pm Reply and quote this post
This month Microsoft became an April fool.

Early on, a Windows ANI flaw made animated cursors of that file type vulnerable to a remote code execution attack. Its almost over thanks fo an early microsoft patch!

Seven other flaws, marked critical and important, also were addressed in April’s scheduled “Patch Tuesday” cycle. The fixes should have downloaded automatically, but can be applied manually from Microsoft’s Download Center.

http://www.microsoft.com/downloads/results.aspx?DisplayLang=en&nr=20&sortCriteria=date

Contributed by Editorial Team, Executive Management Team
372659 iVirtua Loyalty Points • View ProfileSend Private MessageBack to Top

Related Articles
Post new topic   Reply to topic


Page 1 of 1

iVirtua Latest
Latest Discussion

Discuss...
Latest Articles and Reviews

Latest Downloads
Subscribe to the iVirtua Community RSS Feed
Use RSS and get automatically notified of new content and contributions on the iVirtua Community.


Tag Cloud
access amd announced applications author based beta building business card case company content cool core course cpu create data deal dec demo design desktop developers development digital download drive email feature features file files firefox flash free future gaming google graphics hardware help industry information intel internet iphone ipod jan launch linux lol love mac market media memory million mobile money movie music net nintendo nov nvidia oct office official online patch performance playing power price product program ps3 pst publish ram release released report rss sales screen search security sep server show size software sony source speed support technology thu tue update video vista war web website wii windows work working works xbox 360 2006 2007 2008

© 2006 - 2008 iVirtua Community (UK), Part of iVirtua Media Group, London (UK). Tel: 020 8144 7222

Terms of Service and Community RulesAdvertise or Affiliate with iVirtuaRSSPress Information and Media CoverageiVirtua Version 4PrivacyContact