MS Plans Emergency Update to Fix .ANI Bug
A feed from The Reg says "Widespread exploitation of an unpatched Windows vulnerability involving cursor animation files over the weekend have prompted Microsoft to announce plans to release an out-of-sequence patch on Tuesday MS plans emergency update to fix blinking cursor bug."
... Just release patches when they are ready as opposed to releasing them in groups on "patch Tuesday" as there seem to be an increasing number of zero-day exploits out in the wild. Consider that it took M$ forever to close the zero-day exploits in Office even though there were exploits in the wild and they even warned users about them which IIRC was a highly unusual step for them.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Well, I've had the chance to test it now. Internet Explorer (well, version 6, at least) in fact does download the ANI file anyway even when it's been overridden. I'm guessing it in fact downloads all related CSS resources even if they're never used.
Unfortunately I can't test if IE is actually vulnerable with the stylesheet in place because I'm behind a firewall that prevents me from getting any of the proof-of-concept files. So if someone else wants to test it, let me know.
You are in a maze of twisty little relative jumps, all alike.
Yes, it is true that the vulnerability is limited on Vista since IE runs with lower permissions than the user and cannot harm anything that IE cannot touch, and IE cannot touch hardly anything in Vista.
Also where in the heck do you get that GUI runs in kernel space? You seriously need to read up a bit on NT, as the Win32 subsystem itself doesn't even get to run in the kernel, let alone the GUI attached to it.
You are probably confusing video drivers that were moved to the kernel level for game performance in NT4, Win2k and WinXP, but have been moved back to user space in Vista due to a new way to harness the same level of kernel-level driver performance without pushing the drivers into the kernel. (Which is actually quite clever technology if anyone is an OS kernel nerd.)