Security Alert: Windows Animated Cursor takes down Windows Vista
Microsoft has recently announced that have been reports of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor files (.ani format). In order for the attack to be carry out, users must either visit a web page that is designed to exploit this vulnerability or view a “specially-crafted email message or attachment.”
The result of this attack involves the hack gaining the same administrative rights as the user, allowing them to execute any sort of code on your computer. There has not yet been a Security Update for this but users can keep these things in mind to keep them protected:
- Update your Windows Live One Care definitions (Microsoft has added detection to malicious behaviour caused by this exploit in One Care’s safety scanner.)
- Set security options to high (This may be a good thing to do until the Security Update is released. You never know when you will be a victim of this attack.)
- Watch out for .exe attachments (These are the most dangerous attachments since one click on Open can literally corrupt your computer’s system if the file is deemed unsafe.)
To demonstrate the severity of this attack, below is a video of a McAfee virus research manager sending the attack to a Windows Vista computer. You can also take a look at Microsoft’s security advisory here.
Source: Softpedia and Microsoft
Still need help? Check out our new forums where you can get an even faster and better response!