Microsoft Windows Animated Cursor Handling Vulnerability

Posted on Thursday, March 29, 2007 @ 23:55:47 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA24659

VERIFY ADVISORY: http://secunia.com/advisories/24659/

CRITICAL: Extremely critical

NOTE: The vulnerability is currently being actively exploited.

IMPACT: System access

WHERE: >From remote

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message. Successful exploitation allows execution of arbitrary code.

OPERATING SYSTEM:

Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows XP Professional - http://secunia.com/product/22/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/
Microsoft Windows Vista - http://secunia.com/product/13223/

SOLUTION: Do not browse untrusted sites or view untrusted e-mails.

PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day.

ORIGINAL ADVISORY: Microsoft:
http://www.microsoft.com/technet/security/advisory/935423.mspx
http://blogs.technet.com/msrc/archive/2007/03/29/microsoft-security-advisory-935423-posted.aspx

OTHER REFERENCES: US-CERT VU#191609: http://www.kb.cert.org/vuls/id/191609
 
 
click Related        click Share
 
 

Re: Microsoft Windows Animated Cursor Handling Vulnerability (Score: 1)
by manunkind on Monday, April 02, 2007 @ 08:06:31 PDT

(User Info | Send a Message) http://www.pcsympathy.com

This will be fixed on Tuesday through an out-of-cycle patch. Check Windows Update.

 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 361,943,878
  • Today: 58,108
Server InfoServer Info
  • Jul 19, 2018
  • 11:54 am PDT
 
 

Daily Inspiration