Microsoft issues emergency Windows patch

The patch fixes a flaw in the processing of .ani animated cursor files that hackers have been exploiting heavily since last week

By Robert McMillan, IDG News Service
April 03, 2007

Talkback

E-mail

Printer Friendly

Reprints

With attackers finding more ways to exploit a critical flaw in its Windows operating system, Microsoft has published an emergency software patch.

The update, released as expected Tuesday morning, actually fixes seven separate Windows vulnerabilities, but security experts are most concerned about a bug in the way Windows processes .ani Animated Cursor files. Online criminals have been exploiting this bug since late last week.

This is the only one of the seven vulnerabilities rated "critical" by Microsoft.

Microsoft was forced to release the early update a week ahead of schedule because attacks had become too widespread, said Ken Dunham, director of malicious code intelligence with iDefense. "We have more than 400 different URLs identified and related to attacks, and multiple e-mails have been sent out that direct people back there," he said. "We have proof that organized groups are now launching attacks."

The .ani attack vector will probably be one of the "most prevalent and persistent types of attacks we will see in the next months and years," he said.

Exploit code for the flaw has now been added to the widely used Metasploit hacking tool, and there are automated malicious Web site generation tools available, he added.

This is the third such "out-of-band" patch release Microsoft has made since January 2006, Microsoft's public relations agency said in a statement. "Each time, the decision to go out-of-band has been a carefully considered decision to protect customers from an emerging security issue," the statement said. Microsoft executives could not be reached immediately for comment.

Microsoft was first notified of the flaw in December 2006 by security vendor Determina.

On Tuesday, a Determina executive said that Microsoft would have been better off issuing a patch for the .ani flaw sooner, rather than waiting for the April update and forcing customers to rush an emergency fix. "The customers are now going to incur the same cost as they would before, except that they are going to have to do this in panic," said Nand Mulchandani, Determina's vice president of marketing. "I have no idea why they didn't do this earlier."

Windows users are strongly encouraged to install the patch because the .ani flaw can be used to exploit computers running virtually any version of Windows, including Vista, even if they are running non-Microsoft browsers like Firefox and Opera, Mulchandani said.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

The last chance to save Windows XP

Windows 7 is coming. Will your PC be ready?

After Bill Gates, five possible futures for Microsoft

A requiem for Windows XP

>> Talkback: Have your say

Beyond AntiVirus: Symantec Endpoint Protection
Today's threats to the endpoint are much more dangerous as they rapidly evolve to evade traditional security measures. To combat these threats, companies should supplement existing security with proactive behavioral based technologies. Join this webcast to learn about Symantec's next generation AntiVirus solution that provides that level of protection. Sponsor: Symantec

» Click here to view this Webcast

The Silver Lining: Cloud Computing
This IT Strategy Guide digs deep into cloud computing helping put you ahead of the curve on this hot topic. It explores the differences between cloud computing, grid computing and utility computing and then helps you see where and how each applies to your business. Sponsored by Box.net

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Get more from your Electronic Software Delivery investment - Electronic software delivery (ESD) offers software vendors the potential for significant business benefits. By enabling ...
Improve download completion rates - Companies engaging in electronic software delivery (ESD) measure download completion rates as the key performance indicator...
Delivering Unmatched Performance for Large File Downloads - The Internet is an essential channel for the delivery of digital assets. In order to take advantage of the full potential...
Disaster Recovery in Minutes - This paper describes a complete disk-based system recovery solution for Microsoft Windows based servers, desktops, and laptops...
Protecting Microsoft(R) Applications - Microsoft Exchange, SQL, Active Directory, and SharePoint have quickly risen to mission-critical status in many companies...
Reduce Recovery Times and Tape Costs - Today's enterprises face a data protection challenge: how to optimize the backup and recovery of business-critical data ...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

Microsoft issues emergency Windows patch

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. AT&T - Factors to consider when comparing DSL or Cable Cirba - Advanced Workload Analysis Techniques CA - Manage your IT more effectively. Efficient - Flexible - Compliant HP/Intel - If you don't have enough I/O, your VMs aren't going to go. Rackspace - Go Green Without Sacrificing Server Performance AT&T - Measuring mobile productivity AT&T - Thinking about IMS CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event AT&T - Going mobile with today's technology Cirba - Consolidating Workloads onto Mainframes AT&T - What to expect from a Technology Assessment. AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography		Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Vkernel - Resolve Capacity Bottlenecks and Enhance Your Virtual Environment Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist