Advertisement
Promo

Security threats Toolkit

Windows cursor exploit spreads

Dawn Kawamoto CNET News

Published: 02 Apr 2007 11:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A zero-day exploit that takes advantage of a vulnerability in the Windows cursor could be spreading rapidly.

Read this

Talkback comment

"Anyone still using MSIE is flirting with danger. This has been proven to be the most vulnerable, insecure, browser on planet earth."

Read more +

The hole in the Windows animated cursor, which was flagged in a Microsoft advisory on Thursday, has moved from a targeted attack to one that is widespread, said Johannes Ullrich, chief research officer for the Sans Institute, which also issued an advisory.

Attackers also on Thursday launched a Trojan spam that dupes users into thinking it's an IE 7 beta, according to a Sans advisory. The Trojan uses the same file name as Microsoft's legitimate IE 7 betas, making detection more difficult, Ullrich noted.

"Antivirus software was initially pretty useless in combating it," Ullrich said. "It was spammed out quickly and probably used an existing spam network."

He noted, however, that users have to click on a link to have their systems affected, so it is less of a threat than the Windows animated cursor zero-day flaw, or a security hole that has been publicly disclosed but not fixed.

"With the (animated cursor), you don't have to click on a link to get it to launch," Ullrich said. "You just have to open a malicious email or go to a malicious website."

Several dozen websites have become infected with the exploit in the past day, and Microsoft has yet to issue a patch, he added.

Microsoft said on Sunday it would issue an out-of-cycle patch for the problem.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
7 out of 7 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Official Organizations Losing Data

How does this article from earlier today make you feel? How many more government, health service, or military officials are going to lose pen drives, DVDs, USB hard disks and even entire... More

2 comments

Twitter hack was DNS redirect

Twitter has said an attack on Thursday which took the site offline for many users was the result of a DNS redirect. A group calling itself the Iranian Cyber Army redirected users... More

1 comment

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Win a BlackBerry with Vlingo voice recognition

Win a BlackBerry with Vlingo voice recognition

What is ZDNet UK's usual tagline?

Competition closes - 14 Jan 2010


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters