Today Microsoft released a patch to fix the dangerous zero-day Windows vulnerability involving animated cursor files and Windows XP SP2. Also the patch issued today fixes six other vulnerabilities.
Most of the activity around the ANI exploit has been via dozens of malicious websites that will attack the user if he visits the page with the most common versions of Internet Explorer. However, on Sunday the first worm using this exploit to spread was found. Over the weekend, the amount of attacks using this exploit have intensified. Majority of the attacks have been traced back to different Chinese hacker groups.
Computer users could end up with a malicious program on their PC after a Web browsing session and not know it, said Craig Schmugar, a virus researcher for McAfee Avert Labs, the research arm of McAfee. So far, he said, attacks have been limited to Web surfing with Internet Explorer versions 6 or 7.
Attacks against the flaw continued over the weekend, and the release of publicly available exploit code prompted Microsoft to release the patch out-of-schedule – the normal monthly patch batch is due next Tuesday.
You should get the fix via Automatic Updates or via Microsoft’s site.The patch called “MS07-017.” should be considered super high-priority and includes patches for a total of seven vulnerabilities, three affecting Windows Vista.
In addition to Windows Vista, the update applies to Windows 2000 SP4, Windows XP SP2, Windows Server 2003, Windows Server 2003 SP1, and Windows Server 2003 SP2.
“Normally Microsoft releases security patches on the second Tuesday of the month. Clearly the danger that the ANI vulnerability represents has encouraged them to release a patch as quickly as possible, which is good news for vulnerable internet users,” said Graham Cluley, senior technology consultant for Sophos. “The fact that a worm has been seen in-the-wild exploiting the Microsoft security bug has raised the