Advertisement
Promo

Security threats Toolkit

Microsoft repairs cursor vulnerability fix

Joris Evers CNET News

Published: 10 Apr 2007 07:44 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Microsoft on Tuesday plans to push out a fix to repair problems caused by last week's emergency cursor flaw patch.

The fix will be delivered as a "high priority" update alongside Microsoft's regular security updates, Christopher Budd, a Microsoft security staffer, wrote on a corporate blog on Friday.

Watch this

Video: Windows cursor hack in action
Video Story Video Control Panel

Microsoft has identified three additional applications that conflict with last week's "critical" MS07-017 security update. Originally the company listed only the Realtek HD Audio Control Panel as software that would not function and cause error messages to appear. CD-Tag, ElsterFormular and TUGZip have been added to that list.

"While the impact of these issues is clearly not widespread, it is affecting some of our customers," Budd wrote. For example, in Germany the issue with ElsterFormular is causing headaches because companies use it to file their taxes, according to the Elster website.

Microsoft broke with its monthly patch cycle to repair a bug in the way Windows handles animated cursors. Cybercrooks had been using the hole to attack Windows PCs. Microsoft knew about conflicts with Realtek's audio software before releasing the fix and published a support article with the security bulletin.

Microsoft's Automatic Updates, the Windows feature that automatically downloads and installs fixes, will install the fix only on PCs that run conflicting applications, Budd wrote. The Windows Update and Microsoft Update websites will also offer it only if conflicting software is found on a PC, he wrote.

For organisations, Microsoft will make the fix available through its Windows Server Update Services and Software Update Services patch installation tools, though with a possible delay until later next week, Budd wrote. The fix is already available for download from Microsoft's website.

Microsoft on Tuesday also plans to release five security bulletins, four of which will address Windows flaws. The bulletins, part of Microsoft's monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
34 out of 37 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters