Microsoft is warning that attackers are actively exploiting an unpatched vulnerability in animated cursor (.ani) files for Windows.
Security vendors have seen targeted attacks that used malformed .ani files. The flaw could allow attackers to take control of a system with no user interaction.
The attack is launched when the user receives a specially crafted .ani file embedded in either a web page or email. The file is installed on the user's system and then delivers its malicious payload.
Nearly all supported versions of Windows and Internet Explorer are vulnerable to the attack. Only users running Windows Vista and Internet Explorer 7 in protected mode appear to be safe, according to Microsoft.
In protected mode, no file is allowed to access or modify any system files without user permission.
Freshly launched 11nm Qualcomm silicon will come with Adreno 612 GPU
Are pinning down the exact rate of expansion of the Hubble constant
RISC OS 5 to form the basis of RISC OS Open after Castle Technology sells to RISC OS Developments
A smartphone maker fiddling its benchmarking scores? That's unusual, isn't it?