Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows .ANI Problem Surfaced Two Years Ago

Posted by Zonk on from the about-twenty-times-longer-than-firefly's-run dept.

An anonymous reader writes "There's a new twist to the tale of Windows .ANI exploit, that's been in the news all week (including when a spam campaign used the teaser of nude Britney Spears pictures to lure people to malicious sites). InformationWeek reports the Windows .ANI bug at issue first surfaced — and was patched — two years ago, in early 2005. 'If they had simply looked for other references for the same piece of code when they originally dealt with it a few years ago, they would have found this and patched it in 2005,' says Craig Schmugar of McAfee. 'It would have saved a whole lot of people a lot of time, money and effort.' Microsoft claims this .ANI vulnerability is different from the old, but beyond that they're not talking."

11 of 110 comments (clear)

  1. How is that a lure? by kypper · · Score: 4, Funny

    when a spam campaign used the teaser of nude Britney Spears pictures to lure people to malicious sites

    Talk about an anti-virus.
    If all attempts to hijack my machine involved using her as a lure, I'd uninstall AVP in a heartbeat; you couldn't pay me to see her nude.

    1. Re:How is that a lure? by Lehk228 · · Score: 1, Funny

      what does alien v. predator have to do with this?

      --
      Snowden and Manning are heroes.
    2. Re:How is that a lure? by Lehk228 · · Score: 5, Funny

      no she's not a mermaiden, if anything she is closer to being a submarine, huge and full of sea men

      --
      Snowden and Manning are heroes.
  2. Strange... by __aaclcg7560 · · Score: 4, Funny

    The last time I saw an ANSI bug was during my days as a BBS Sysop years ago!

  3. Wouldn't that be by eviloverlordx · · Score: 4, Funny

    an .ANL exploit?

    --
    'Loose' is when your pants are three sizes too big. 'Lose' is when you misuse 'loose'.
    1. Re:Wouldn't that be by EmbeddedJanitor · · Score: 5, Funny

      No, it's a back door.

      --
      Engineering is the art of compromise.
  4. This ANI exploit is different! by andrewd18 · · Score: 5, Funny

    Microsoft claims this .ANI vulnerability is different from the old, but beyond that they're not talking.

    Of course this .ANI exploit is different... the one that came out in 2005 didn't affect Vista!
  5. Cut it out by symbolset · · Score: 4, Funny

    Steve, leave the slashdot editors alone. If you need to blow off steam, go throw a chair or something.

    --
    Help stamp out iliturcy.
  6. Out of interest.... by Anonymous Coward · · Score: 5, Funny

    How many other people clicked on the "teaser of nude Britney Spears pictures" link in the Slashdot story and were bitterly disappointed?

    1. Re:Out of interest.... by mattpointblank · · Score: 5, Funny

      You mean the link does go to nude pictures?

    2. Re:Out of interest.... by Rakshasa+Taisab · · Score: 4, Funny

      Do you mean; disappointed because they saw the pictures, or because they didn't?

      --
      - These characters were randomly selected.