You are here: silicon.com > Software > Security Strategy

Security Strategy

Windows at risk from fancy cursors

Danger mouse...

Tags: flaw, windows

By Joris Evers

Published: 30 March 2007 08:32 BST

A new security vulnerability puts Windows users at risk of serious cyber attacks, Microsoft has warned.

The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.

An attacker could exploit the vulnerability through a web page or email message with rigged computer code, it said.

The software behemoth said in its advisory: "Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment, the attacker could cause the affected system to execute code."

Such holes are often exploited by cyber crooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged website or hacking a trusted site.

Sample code that demonstrates the vulnerability has already been posted on the web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," it said in the alert.

Other security experts also raised an alarm. Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs, said: "I expect attackers will pick up on this as soon as they figure out how to - we'll very shortly see the usual suspects using it. The sample site is already offline; this could be a prelude to a bigger attack."

Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the dot-ani suffix but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.

The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.

Joris Evers writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

IT Specialist

Perform hardware, peripherals, operating systems and application installations for end users. Experience and knowledge of Windows XP/Vista, Windows ...

Websphere Developer - Message Broker/MQ - West Midlands

Java / Websphere / Message Broker / SOAP / Webservices. The key technical skills they are looking for are Websphere Message Broker (WMB) as well as ...

Websphere Message Broker Consultant

My client, a financial insitution requires a Websphere Message Broker consultant to join their programme. Ideal candidates will have excellent ...

CIO Agenda 2008
The exclusive silicon.com CIO Agenda 2008 survey looks at the CIO's tech shopping list for the year, examines whether IT budgets are rising or falling and reveals what the pain points are for tech chiefs this year. Find out more in our latest special report.





Quick Sitemap Links: