Security Watch – Exploits and Attacks – ANI Zero Day Takes New Turns to the Uber-Nasty
If you’re reading this with Internet Explorer on a Windows machine, don’t. The Windows animated cursor zero-day attack that was coming through on IE 6 and 7 running on fully patched Windows XP SP2 is now also hitting Windows 2000, Server 2003 and Vista. As F-Secure advises, better to use some other combination.
Proof-of-concept code for the attack was released after business hours on Friday, according to SANS.
Blocking .ani files won’t help. SANS has picked up reports of the vulnerability being exploited in the wild with .ani files renamed as JPEGs.
Microsoft today posted security advisory 935423 about the exploit. Here’s the full list of vulnerable systems:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Vista