There's a new Microsoft Windows vulnerability being exploited across the Internet on over 150 Web sites. The vulnerability is caused by an unspecified error in the way Windows 2000, XP, and Vista handles animated cursors.
Animated cursors allow a mouse pointer to appear animated on a Web site. The feature is often designated by the .ani suffix, but attacks for this vulnerability are not constrained by this file type so simply blocking .ani files won't necessarily protect a PC. Successful exploitation can result in memory corruption when processing cursors, animated cursors, and icons. According to Arbor Networks, the malicious code on compromised Web sites
full story: Windows animated cursor flaw--150 sites infected | Tech News on ZDNet
Animated cursors allow a mouse pointer to appear animated on a Web site. The feature is often designated by the .ani suffix, but attacks for this vulnerability are not constrained by this file type so simply blocking .ani files won't necessarily protect a PC. Successful exploitation can result in memory corruption when processing cursors, animated cursors, and icons. According to Arbor Networks, the malicious code on compromised Web sites
full story: Windows animated cursor flaw--150 sites infected | Tech News on ZDNet
