Microsoft confirmed on Thursday that attacker could take control of a user's system by exploiting a flaw in the way the company's Windows software handles animated-cursor files.
Animated cursors are looping images that replace the standard pointer on Windows systems. The flaw affects how all Microsoft operating systems--including the latest versions of Windows 2000, Windows XP, Windows Server 2003 and Windows Vista--handle animated-cursor files, according to the software giant. There does not seem to be any evidence that the flaw is being used in a real-world attack, but Microsoft gave its standard rundown on the possible vectors of attack.
"Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment the attacker could cause the affected system to execute code," Microsoft said in its advisory. "While animated cursors typically are associated with the .ani file extension, a successful attack is not constrained by this file type."
McAfee reported the vulnerability on Wednesday after finding a description of the flaw posted to an unidentified message board. The company later received a malicious file that used the animated-cursor vulnerability to compromise the user's system. On Windows Vista, the exploit causes the system to endlessly crash and restart, the antivirus firm said on Thursday.
Microsoft released Internet Explorer 7 in October, significantly improving the security of the browser. While McAfee stated that the exploit affects Windows XP systems with Service Pack 2 installed running either Internet Explorer 6 or 7, Windows Vista systems run Internet Explorer 7 in protected mode and so are not affected, Microsoft said.
Microsoft stated that the company would have to issue a security update to patch the issue.
Posted by: Robert Lemos