National Cyber Alert
This just out from US Technical Cyber Alert:
National Cyber Alert System
Cyber Security Alert SA07-089A
Microsoft Windows ANI Vulnerability
Original release date: March 30, 2007
Last revised: March 30, 2007–
Source: US-CERTSystems Affected
Microsoft Windows 2000, XP, Server 2003, and Vista are affected.
Affected applications include:* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Outlook
* Microsoft Outlook Express
* Microsoft Windows Mail
* Microsoft Windows ExplorerOverview
A vulnerability exists in Microsoft Windows that could allow an attacker to gain control of your computer.
Solution
Until updates are available, the following may reduce the chances of successful exploitation:
Do not follow unsolicited or suspicious links
Do not click unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links.
Do not open or read untrusted email
Do not open or read email that comes from unknown or untrusted sources.
Description
A vulnerability exists in Microsoft Windows that could allow an attacker to gain control of your computer. This vulnerability occurs when Microsoft Windows processes malicious animated cursor files.
US-CERT is tracking this issue as VU#191609.
References
* US-CERT Technical Cyber Security Alert TA07-089A
* Vulnerability Note VU#191609
* Microsoft Security Advisory (935423)
* Unpatched Drive-By Exploit Found On The Web
* TROJ_ANICHMOO.AX – Description and Solution
______
Update your software as appropriate.
zero comments so far »
Please won't you leave a comment, below? It'll put some text here!
Copy link for RSS feed for comments on this post or for TrackBack URI
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
\
