Computing News | Attackers exploit zero-day Windows flaw

Latest News | News Archive |

Posted by: Tweaker
Date added: 13:20 Saturday, 31st March 2007 GMT
Source: C/NET News

A zero-day exploit that takes advantage of a vulnerability in the Windows cursor could be spreading rapidly.

The hole in the Windows animated cursor, which was flagged in a Microsoft advisory Thursday, has moved from a targeted attack to one that is widespread, said Johannes Ullrich, chief research officer for the Sans Institute, which also issued an advisory.

Attackers also on Thursday launched a Trojan spam that dupes users into thinking it's an IE 7 beta, according to a Sans advisory. The Trojan uses the same file name as Microsoft's legitimate IE 7 betas, making detection more difficult, Ullrich noted.

"Antivirus software was initially pretty useless in combating it," Ullrich said. "It was spammed out quickly and probably used an existing spam network."

He noted, however, that users have to click on a link to have their systems affected, so it is less of a threat than the Windows animated cursor zero-day flaw, or a security hole that has been publicly disclosed but not fixed.

"With the (animated cursor), you don't have to click on a link to get it to launch," Ullrich said. "You just have to open a malicious e-mail or go to a malicious Web site." Several dozen Web sites have become infected with the exploit in the past day, and Microsoft has yet to issue a patch, he added.

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]