SDA India is an online resource for Software, Development,IT, Architecture, Open Source, Mobile, Security, Databases, Delphi, C, OS, Asp, .Net, Php, Xml, Java
Analyst Corner
Malicious animated cursors exploit unpatched Microsoft vulnerability Windows Vista users not immune from security hole
Sophos has warned computer users of a zero day vulnerability in the way that Microsoft Windows handles animated cursors (.ANI files). Multiple versions of Microsoft Windows are affected by the unpatched vulnerability, including Windows Vista.
According to an advisory by Microsoft, Windows 2000, XP, Server 2003 and Vista are said to be affected by the flaw, which has been exploited by hackers in targeted attacks.
"Animated cursors are typically used by website developers to enrich users' online experiences, but a twirling hourglass is hardly worth the risk of a malicious attack. Sadly users don't get a choice as to whether a website attempts to animate their cursor or not, and hackers could use the vulnerability to run malware," said Graham Cluley, senior technology consultant for Sophos. "Microsoft will be scrabbling to fix this vulnerability at the earliest possible opportunity, as hackers are already exploiting the security loophole in their attempt to infect innocent computer users."
Sophos researchers have analyzed malware which exploits the Microsoft vulnerability, issuing protection against the Troj/Animoo-U Trojan horse at 23:46 GMT on 29 March 2007.
Microsoft has published an advisory on its website which discusses the vulnerability.
According to an advisory by Microsoft, Windows 2000, XP, Server 2003 and Vista are said to be affected by the flaw, which has been exploited by hackers in targeted attacks.
"Animated cursors are typically used by website developers to enrich users' online experiences, but a twirling hourglass is hardly worth the risk of a malicious attack. Sadly users don't get a choice as to whether a website attempts to animate their cursor or not, and hackers could use the vulnerability to run malware," said Graham Cluley, senior technology consultant for Sophos. "Microsoft will be scrabbling to fix this vulnerability at the earliest possible opportunity, as hackers are already exploiting the security loophole in their attempt to infect innocent computer users."
Sophos researchers have analyzed malware which exploits the Microsoft vulnerability, issuing protection against the Troj/Animoo-U Trojan horse at 23:46 GMT on 29 March 2007.
Microsoft has published an advisory on its website which discusses the vulnerability.
Related Links
None
