Windows Animated Cursor Handling vulnerability

SANS ISC InfoSec Forums

Windows Animated Cursor Handling vulnerability
Microsoft has released advisory 935423 regarding a vulnerability in Windows Animated Cursor Handling. A bug in the way Windows deals with animated cursor files can allow execution of arbitrary code under the user that downloaded the malicious file. Affected are Win2k SP4, XP SP2, Server 2003 and Vista. We have received reports of this vulnerability being exploited in the wild. While Animated cursors are usually downloaded as .ani files, blocking these files would not be sufficient to mitigate the vulnerability. The vulnerability has been added to our missing microsoft patches table.	Maarten 158 Posts Mar 29th 2007
Thread locked Subscribe	Mar 29th 2007 1 decade ago