Windows Vulnerability in Animated Cursor Handling

← Back to Stories (view on slashdot.org)

Windows Vulnerability in Animated Cursor Handling

Posted by Zonk on Friday March 30, 2007 @01:43AM from the mind-those-hilarious-icons dept.

MoreDruid writes "Secunia reports a vulnerability in Windows Animated Cursor Handling. According to the linked article, the rating is "extremely critical". Microsoft has put up their own advisory on the subject, confirming this is a vulnerability that affects Windows 2000, XP, 2003 and Vista. The exploit has already been used in the wild. From the Secunia page: The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message. Successful exploitation allows execution of arbitrary code."

22 of 338 comments (clear)

Min score:

Reason:

Sort:

Surprise, Windows Listed as Most Secure OS by ballmerfud · 2007-03-30 01:46 · Score: 5, Funny

Surprise, Windows Listed as Most Secure OS ... just don't move the mouse.

--
http://uncyclopedia.org/wiki/User:Steve_Ballmer
1. Re: Surprise, Windows Listed as Most Secure OS by CoolVibe · 2007-03-30 01:50 · Score: 4, Funny
  
  Surprise, Windows Listed as Most Secure OS ... just don't move the mouse. and pull the network plug out while you are at it. More security :)
Oblig. by zlogic · 2007-03-30 01:50 · Score: 3, Funny

In Soviet Russia, cursors pwn you!
The Solution is Amazing by neoform · 2007-03-30 01:51 · Score: 4, Funny

>Solution: Do not browse untrusted sites or view untrusted e-mails.

Nice, so basically I'm not supposed to read any emails from people I don't know. Sounds like a viable solution.

--
MABASPLOOM!
1. Re:The Solution is Amazing by ehaggis · 2007-03-30 02:28 · Score: 5, Funny
  
  Don't use a cursor, just guess where your mouse is pointing.
  
  --
  One ring to bind them - should probably have more fiber and less rings in their diet.
What kind of mouthbreather would even... by straponego · 2007-03-30 01:57 · Score: 4, Funny

...install an animated cursor in the first place? Okay, besides the CEO.
1. Re:What kind of mouthbreather would even... by gEvil+(beta) · 2007-03-30 02:24 · Score: 2, Funny
  
  ...install an animated cursor in the first place? Okay, besides the CEO.
  
  My cursor is a big punching glove. It makes hitting that damn monkey that much easier...
  
  --
  This guy's the limit!
Criminals using this vulnerability ? by Rastignac · 2007-03-30 01:58 · Score: 5, Funny

Our security expert, Jackson M., just tolds us:
" So, ANI are you ok ? Are you ok ANI ?
You've been hit by... you've been hit by... a smooth criminal ! "

--
-- Rastignac was here.
A workaround for this... by Anonymous Coward · 2007-03-30 02:01 · Score: 5, Funny

A workaround for this is to install some quality cursors.
I use the comet cursor package that installed itself automatically when I browsed the web.
It has some great cursors and loads of other features that make using Windows far more entertaining.

I have not been able to remove or alter the comet cursor package since it installed itself, so I think it will protect very well against other cursors getting installed on my computer.
I can hear Ballmer screaming... by xactuary · 2007-03-30 02:11 · Score: 5, Funny

Cursors? Foiled again!

--
Say hello to my little sig.
1. Re:I can hear Ballmer screaming... by erroneus · 2007-03-30 02:59 · Score: 2, Funny
  
  Damn you! I have been waiting YEARS to do that one!!
  
  Damn you! Damn you all to hell!!
Re:Why does it get to be this bad? by DoofusOfDeath · 2007-03-30 02:19 · Score: 4, Funny

No doubt you aren't a programmer, and wouldn't really grasp how complex a piece of software like a web browser really is,

Even if you're a programmer, you're still out of your league on this one. Only a plumber could understand the series of tubes that make up the Internet.
Solution: "You are trying to move the mouse..." by Anonymous Coward · 2007-03-30 02:24 · Score: 5, Funny

[Cancel] or [Allow]?
Re:Why would my cursor run as root? by Anonymous Coward · 2007-03-30 02:26 · Score: 5, Funny

What part of "Successful exploitation allows execution of arbitrary code." do you not understand?

Successful.
Re:Vista Security. by rajafarian · 2007-03-30 02:29 · Score: 4, Funny

I though Vista was supposed to be the most secure OS ever.

Nope. I watched their lips and every time they said, "Vista will be the most secure Microsoft operating system ever."

I think this was carefully worded by them so they could say it with an honest face.
Correction by towsonu2003 · 2007-03-30 02:38 · Score: 2, Funny

In Soviet Russia, cursors pwn you!

Correction: In Soviet Russia, you pwn cursors! So you might want to live in Soviet Russia... Sorry.
Re:Why would my cursor run as root? by spun · 2007-03-30 02:43 · Score: 5, Funny

Microsoft's advisory says that IE7 runs in protected mode in Vista, thus it is "protected from currently known web based attacks" and the exploit can only crash the browser not execute arbitrary code. It's in the "Mitigating Factors for Animated Cursor Vulnerability" section.

"In Protected Mode, Internet Explorer 7 in Windows Vista cannot modify user or system files and settings without user consent." -- From the Windows Vista: Features Explained site.

Unless of course the user has been driven insane by all the "Cancel or Allow?" questions and would readily click "Allow" even in a dialog box asking, "Your computer would like to strangle you with its power cord. Cancel or Allow?"

--
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Pfff. Locked in a vault? by spun · 2007-03-30 02:52 · Score: 5, Funny

The most secure computer is turned off, unplugged, buried a mile deep in an asteroid somewhere in the Kuiper belt, ringed by defensive lasers, orbited by a swarm of nuclear smart mines and guarded by a whole company of battlemechs.

--
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Re:What's to investigate? by Trailer+Trash · 2007-03-30 03:00 · Score: 2, Funny

Everything from animated wallpaper to rotating slide shows to OMGPONIES!!!!!! themes get installed

We're two days away from April 1st, let us enjoy these days while we can...

--
Do you have ESP?
Good heavens... by Petersko · 2007-03-30 03:14 · Score: 3, Funny

trused? compromise? Mornigs suk as.
Re:goddam hackers by david_g17 · 2007-03-30 03:37 · Score: 4, Funny

You are not suited for it, and the best you can hope for is working in the field for a few years before your coworkers stab you to death in the parking lot (and no one will see a thing).
~David_g17 sharpens his spork...~
Boy... by Zebra_X · 2007-03-30 05:04 · Score: 3, Funny

Sure am glad I just upgraded to Vista and Office 2007:

Mitigating Factors for Animated Cursor Vulnerability

Customers who are using Internet Explorer 7 on Windows Vista are protected from currently known web based attacks due to Internet Explorer 7.0 protected mode. For more information on Internet Explorer Protected Mode see the following Web Site.

By default, Outlook 2007 uses Microsoft Word to display e-mail messages which protects customers from the HTML e-mail preview and attack vector.

I think the important thing here to note is that MS is actually delivering on it's promise to deliver a more secure OS and set of applications for users.