Humpty Posted March 31, 2007 Share Posted March 31, 2007 The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory. An attacker could exploit the vulnerability through a web page or email message with rigged computer code, it said. The software behemoth said in its advisory: "Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment, the attacker could cause the affected system to execute code." Such holes are often exploited by cyber crooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged website or hacking a trust Article Link to comment Share on other sites More sharing options...
Pfipps Posted April 1, 2007 Share Posted April 1, 2007 I read that UAC and IE7 protected mode in Vista stops this problem. If you're in XP/2000, Cnet recommends using either Firefox or Opera until a patch is released since it is not affected by this problem. I'm also thinking that tightening IE7 settings in XP could stop it too. All the antivirus vendors have the trojan downloader in their signatures by now. Link to comment Share on other sites More sharing options...
Maysky Posted April 2, 2007 Share Posted April 2, 2007 Accroding to Gibson's GRC site, MS is releasing the patch early on April 3rd. In the meantime, an interim patch is available from eEye. Full details on http://www.grc.com/default.htm --- Link to comment Share on other sites More sharing options...
Moderators rridgely Posted April 3, 2007 Moderators Share Posted April 3, 2007 Here is a short discussion about it here: http://www.twit.tv/sn85a Thats actually a great series talking about security if your really interested in it. Steve Gibson knows his stuff and Leo Laporte is a pretty funny guy. I didn't listen to this episode yet. Link to comment Share on other sites More sharing options...
Tarq57 Posted April 4, 2007 Share Posted April 4, 2007 MS patch released today. KB925902. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted April 4, 2007 Moderators Share Posted April 4, 2007 MS patch released today. KB925902. On my system it wouldn't install correct via Automatic Updates or Microsoft Update, and after trying at least three times in a row I ended up having to manually download and install it from here. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now