To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,39166627,00.htm

Microsoft to rush out cursor flaw fix
A patch ahead of time...

By Ina Fried

Published: Monday 02 April 2007

Microsoft said it is planning to make available this week a patch for a Windows flaw that has already been used in an attack.

Microsoft issued an advisory on the animated cursor flaw on Thursday and by Friday malicious code that took advantage of the hole was circulating.

In an email, Microsoft said it had originally planned to patch the flaw on 10 April as part of its regular monthly security update but now it plans to release the patch tomorrow because of the public exploit.

A Microsoft representative said in an email: "Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers."

The software behemoth said its analysis of the data suggests "the attacks and customer impact is limited" but said it encourages customers to download the patch when it is made available. Consumers that have Windows' automatic update feature turned on will get the patch automatically, while it will also be able to be downloaded manually.

Microsoft said it is also working with law enforcement to track down the attackers.

Ina Fried writes for CNET News.com