Josh's Windows Weblog » Beware of the Cursor

Beware of the Cursor

There is a new exploit for animated cursors running around that affects just about all Windows versions (including Windows Vista). Details on the exploit can be found here: http://www.microsoft.com/technet/security/advisory/935423.mspx

 The exploit is in the form of a malformed .ANI file or animated cursor which can be embedded in a email or HTML page.

Sandi has some additional insight and guidance, Basically this comes down to use common sense on opening emails, if isn't from someone you know then don't open it. The recommended work around at the current time is to use plain text email, which for most people isn't something they can do in all reality. So for the time being just be a little more sensative with the mail you open and the sites you visit.

 

 

Posted Mar 29 2007, 06:35 PM by Josh Phillips

Follow Me on Twitter

Did you enjoy this article? If yes, then subscribe to our RSS 2.0 feed or

Comments

Sandi Hardmeier wrote re: Beware of the Cursor
on 03-29-2007 10:17 PM

Hi Josh,

I've updated the blog entry to point out that Outlook Express users are not protected if they set OE to use plain text.  Also, if you forward or reply to a dangerous email in Windows Mail, you are not protected :(

Josh Phillips wrote re: Beware of the Cursor
on 03-30-2007 8:13 AM

Thanks for the update Sandi!

Josh's Windows Weblog wrote Animated Cursor Patch Coming Tuesday For Windows
on 04-02-2007 8:18 AM

Last week there was an exploit annouced, that had apparently been known since late in December 2006 .

Windows is a registered trademark of Microsoft Corporation.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems Themed By nb development