403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx
Follow us:
403 Forbidden

403 Forbidden


nginx

Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

April 2, 2007 at 10:11 AM

Microsoft issues patch for Windows cursor hole

Microsoft issued a patch Sunday for a vulnerability that affects several versions of the Windows operating system, including the newly released Vista, and has been employed in “malicious and criminal attacks on computer users.”

In a security advisory issued Saturday, the company described the hole “as a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. For this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.”

The company had planned to issue the patch, known as MS07-017, with its regular monthly security update on April 10. “However, Microsoft is aware of the existence of a public attack utilizing the vulnerability,” a spokesman said in an email. “Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers.”

The attacks and impacts to computer users thus far have been “limited,” according to the spokesman.

Updates will be pushed out automatically to Windows users who have the Automatic Updates feature turned on. The patch can be downloaded at Microsoft’s Windows Update.

The SANS Internet Storm Center has more details and links to security vendors’ accounts of the problem.

Comments | More in Microsoft

COMMENTS

No personal attacks or insults, no hate speech, no profanity. Please keep the conversation civil and help us moderate this thread by reporting any abuse. See our Commenting FAQ.



The opinions expressed in reader comments are those of the author only, and do not reflect the opinions of The Seattle Times.


403 Forbidden

403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx