EEye publishes fix for Windows zero-day vulnerability

Unofficial temporary patch fixes a bug in the way Windows processes Animated Cursor files

By Robert McMillan, IDG News Service
March 30, 2007

Talkback

E-mail

Printer Friendly

Reprints

With online criminals exploiting an unpatched flaw in Windows, security vendor eEye Digital Security has come forward with an unofficial fix for the problem.

The unofficial temporary patch, published early Friday, fixes a bug in the way Windows processes Animated Cursor files, which are used to create cartoon-like cursors in Windows. Security researchers at McAfee first reported the bug on Wednesday evening, saying that it has been used in Web-based attacks.

Microsoft has said that it will eventually fix the problem and it generally recommends that users avoid this type of third-party fix for its products. But in the past, similar patches from eEye and others have been downloaded by tens of thousands of Windows users, unwilling to wait for Microsoft's updates.

Microsoft's next set of security patches are due April 10, but the software giant has not said whether or not that release will include a fix for the Animated Cursor problem.

Security vendor Determina said it informed Microsoft of the problem in December. "Microsoft fixed a closely related vulnerability with their MS05-002 security update, but their fix was incomplete," Determina warned on its Web site.

Several Web sites, including two hosted in China, are now serving attack code that exploits the bug, but this flaw is particularly worrisome because it also affects Microsoft's e-mail clients.

In a blog posting on Thursday, Microsoft Security Response Center Program Manager Adrian Stone said that Outlook Express users are vulnerable to the bug, even if they are reading their e-mail in plain text.

Microsoft advises Outlook users to read mail in plain text format, but says that Outlook 2007 users are protected even if they are not doing this.

According to eEye Chief Technology Officer Marc Maiffret, Microsoft should have caught the problem two years ago, when his company first reported the bug that was patched in the MS05-002 update. "They fixed the bug we discovered back in '05, but during their standard bug report code audit, they missed an area... where identical code was used, with an identical vulnerability," he said via instant message. "It is hard to say how long people have been exploiting this in the wild due to the similar nature of the bugs."

Microsoft representatives could not immediately be reached for comment.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

The last chance to save Windows XP

Windows 7 is coming. Will your PC be ready?

After Bill Gates, five possible futures for Microsoft

A requiem for Windows XP

>> Talkback: Have your say

SOLUTIONS TO THE TOUGHEST IT CHALLENGES IN REMOTE OFFICES
Though small in size, remote offices face many of the same IT challenges as larger central offices. This Webcast zeroes in on the top line challenges to deliver information that can provide immediate benefits to your business. Sponsor: AMD and Dell

» Click here to view this Webcast

The Silver Lining: Cloud Computing
This IT Strategy Guide digs deep into cloud computing helping put you ahead of the curve on this hot topic. It explores the differences between cloud computing, grid computing and utility computing and then helps you see where and how each applies to your business. Sponsored by Box.net

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Refine your company's plan for a Business Disruption Event - Many firms fail to consider how lines of communication will stay open in the event of a BDE. Make sure your company's mobile...
Factors to consider when comparing DSL or Cable - As the demand for high-speed access increases, businesses are looking for cost-effective connection options for remote workers...
Class of Service: Myths and Misconceptions - There has been much discussion about the benefits of CoS; but, there are also common myths, which unless challenged, can...
Going mobile with today's technology - Mobile applications are transforming how companies operate. With new ways to work flexibly, employees are becoming more ...
Measuring mobile productivity - Companies must be able to measure productivity gains from mobile working. Productivity is notoriously difficult to measure...
Thinking about IMS - IMS's increased flexibility and the potential it offers for new services will create a fundamental shift in the way that...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

EEye publishes fix for Windows zero-day vulnerability

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. AT&T - Factors to consider when comparing DSL or Cable Cirba - Advanced Workload Analysis Techniques CA - Manage your IT more effectively. Efficient - Flexible - Compliant HP/Intel - If you don't have enough I/O, your VMs aren't going to go. Rackspace - Go Green Without Sacrificing Server Performance AT&T - Measuring mobile productivity AT&T - Thinking about IMS CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event AT&T - Going mobile with today's technology Cirba - Consolidating Workloads onto Mainframes AT&T - What to expect from a Technology Assessment. AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography		Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Vkernel - Resolve Capacity Bottlenecks and Enhance Your Virtual Environment Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist