Windows zero-day exploit – ANI Exploit

Depending on what you use, this is kind of an important issue you should look at – it’s about an unspecified vulnerability involving loading of ANI (animated cursor) files embedded in web pages, which can lead to arbitrary code execution.
 
Basically, if you use MSIE or Outlook (and maybe anything that uses the MSIE rendering engine), you are affected and should (in my opinion at least) take steps to mitigate the issue:
 
• Install the temporary patch provided by eEye:
• Update your AV program.
• Don’t use MSIE or anything that uses the MSIE rendering engine (i.e. Outlook 2003 (and below) ).
 
 
You can find further information at:
Microsoft’s website:
 
eEye’s website (inc. temporary patch):
 
 
 
 
—- Update —-
03/04/2007 @ 23:53
Microsoft have now released a patch for this (under MS07-017) – go update you computers!
 
See URI below for more information:
 
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: