A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error within the handling of animated cursors and can be exploited to cause a stack-based buffer overflow via a specially crafted animated cursor file.

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer or opens a malicious e-mail message.

NOTE: The vulnerability is currently being actively exploited.

Update Downloads

THis vulnerability has been addresses by Microsoft and you should install the patch relevant to your system:

• Microsoft Windows XP Service Pack 2 — Download the update
• Windows Vista — Download the update
• Windows Vista x64 Edition — Download the update
• Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2 — Download the update
• Microsoft Windows 2000 Service Pack 4 — Download the update
• Microsoft Windows Server 2003, Microsoft Windows Server 2003 Service Pack 1, and Microsoft Windows Server 2003 Service Pack 2 — Download the update
• Microsoft Windows Server 2003 for Itanium-based Systems, Microsoft Windows Server 2003 with SP1 for Itanium-based Systems, and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems — Download the update
• Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2 — Download the update

Bookmark this article to:

Hide Sites

This entry was posted on Wednesday, April 4th, 2007 at 9:00 am and is filed under Blog, Virus Alerts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.