Microsoft Update Time

March 29, 2007 at 1:19 pm | Posted in Technical | 1 Comment

For the 90 percent (or so) of us who are using MS Windows, it’s time to avoid opening unsolicited email, and to be careful what web pages we browse, because there’s another vulnerability which can be exploited via HTML page. The affected systems are:

Windows XP Service Pack 2, Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Windows Internet Explorer 7 for Windows XP SP2
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1

(Good news for all 12 of you who have already loaded up Vista; you’re not vulnerable!)

Microsoft has not yet completed an investigation, but McAfee has had some time to look into it, and reported it publicly yesterday . According to McAfee researcher Craig Schmugar, the flaw exists in the way IE handles malformed .ani files (the format is used to read and store Windows Animated Cursors) and malicious code can be easily placed on an attacker’s Web site to trigger the vulnerability. McAfee was able to demonstrate the vulnerability exists on fully-patched WinXP SP2 systems.

Multiple sources in the anti-malware community have confirmed McAfee’s discovery, which includes the use of arbitrary .exe files and Trojan downloaders. Microsoft has acknowledged that this is, indeed, a vulnerability which will require an MS Update to remedy, although they have not yet released a fix.

In the meantime, it is best to stick with familiar trustworthy web sites, and to avoid viewing unsolicited email messages. If you are using a “preview” window in your mail client, it is a good idea to switch from HTML to plain text displays, since the preview can cause the malicious code to execute without your actually opening the unsolicited message. 


1 Comment

TrackBack URI

  1. […] Microsoft released a patch yesterday for that security hole in all Windows operating systems that I mentioned last week. As it turns out, Vista was also susceptible to these exploits; it just took a little convincing to […]

Sorry, the comment form is closed at this time.

Create a free website or blog at
Entries and comments feeds.

%d bloggers like this: