Friday, March 30, 2007

Microsoft Windows Animated Cursor Handling Vulnerability

".. any web page, email or content that can load an animated cursor can allow an attacker to take advantage of the vulnerability and run arbitrary code on the users system."


A short overview by SANS of how the different email clients are reacting to the animated cursor vulnerability.

An unofficial fix for the animated cursor vulnerability from Eeye.

Related Articles:
Microsoft confirms animated-cursor flaw: Microsoft confirmed on Thursday that attacker could take control of a user's system by exploiting a flaw in the way the company's Windows software handles animated-cursor files.

========================================
http://secunia.com/advisories/24659/
Microsoft Windows Animated Cursor Handling Vulnerability

Secunia Advisory: SA24659
Release Date: 2007-03-30


Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched


OS:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

CVE reference: CVE-2007-0038

Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message.

Successful exploitation allows execution of arbitrary code.

NOTE: The vulnerability is currently being actively exploited.

Solution:
Do not browse untrusted sites or view untrusted e-mails.

Provided and/or discovered by:
Discovered as a 0-day.
Independently discovered by Determina Security Research.

Original Advisory:
Microsoft: http://www.microsoft.com/technet/security/advisory/935423.mspx
http://blogs.technet.com/msrc/archive...-security-advisory-935423-posted.aspx

Determina:
http://www.determina.com/security_cen...ries/securityadvisory_0day_032907.asp

Other References:
US-CERT VU#191609:
http://www.kb.cert.org/vuls/id/191609

================================================================

Labels: , , ,

posted by Xnet Solutions : Microsoft Windows Animated Cursor Handling Vulnerability