All the latest UK technology news, reviews and analysis

Microsoft rushes out animated cursor security fix

by Ian Williams

02 Apr 2007

Be the first to comment

  • Tweet this
Microsoft
Microsoft will issue an early patch for the animated cursor file vlunerability

Microsoft is to issue an out-of-cycle patch tomorrow for a flaw it revealed last week concerning how Windows treats animated cursor files.

The vulnerability occurs in Windows Vista, Windows 2000 SP4, Windows XP SP2 and some versions of Windows Server 2003.

Further reading

It can be exploited via email and via websites running the malicious code. Attacks based on the flaw have risen sharply since its discovery last week.

Microsoft had planned to release the patch as part of its monthly update due on 10 April, but the increase in exploits has prompted the firm to release the patch a week early.

Christopher Budd, a security programme manager at Microsoft, said on the company's Security Response Centre Blog: "Over this weekend attacks against this vulnerability have increased somewhat." 

"Due to the increased risk to customers, we were able to expedite our testing to ensure an update for broad distribution sooner than 10 April."

Microsoft claimed that the attacks and customer impact are "limited", but is encouraging users to download the patch as soon as it is made available.

Two unofficial patches have already been released to fix the bug, one from eEye Digital Security and one from the Zeroday Emergency Response Team

Microsoft said that it is working with law enforcement officers to track down attackers.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

Web blocking. Content owners want to stop copyright infringement

Music file-sharing site taken offline by UK Serious Organised Crime Agency

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Acer Aspire S3 Ultrabook

Acer Aspire S3 ultrabook review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Information Security Manager

My client is a well established, non profit organisation;...

PHP Web Developer

PHP Web Developer – £30,000 - £35,000 PHP, MySQL, HTML...

HEAD OF DIGITAL - London - £80-95K+

HEAD OF DIGITAL - London - £80-95K + Excellent Bens...

Agile C# Developer - (North London)

Agile C# Developer - (North London) £55,000 - £65,000...

To send to more than one email address, simply separate each address with a comma.