windows animated cursor attack

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Windows animated cursor attacks 150 sites

Windows animated cursor attacks 150 sitesWindows animated cursor attacks 150 sitesThanks to Microsoft's quick response to this issue a patch is coming out soon and this will all be a thing of the past. Problem detcted, identified, and resolved. Simple as that.Linux Left out once again :(it doesn't work...

Tags: attack, Happy April Fool, Microsoft Corp., Microsoft Internet Explorer, Microsoft Windows, Mozilla Firefox, Opera Software ASA, Windows Animated Cursor, Windows animated cursor attack

Discussion threads 2007-04-02

Additional Resources

MS ships emergency patch for Windows worm hole

Microsoft has released an out-of-band patch to fix an extremely critical worm hole that exposes Windows users to remote code execution attacks. The emergency update comes just one week after the regularly scheduled Patch Tuesday and follows the discovery of a targeted zero-day attack, Microsoft said in...

Tags: Microsoft Windows Server, Vulnerability, Microsoft Corp., Windows Server Service, Microsoft Windows, RPC, Security, Operating Systems, Software, Networking, Ryan Naraine

Blog posts 2008-10-23

Attack of the PDFs

Less than 24 hours after Adobe shipped a fix for a gaping hole affecting its Reader and Acrobat software, PDF files rigged with malware are beginning to land in e-mail spam filters. The discovery of the active attacks have underlined the need for Windows users to immediately...

Tags: Adobe Systems Inc., Adobe PDF, Attack, DeepSight Team, Security, Viruses And Worms, Ryan Naraine

Blog posts 2007-10-23

Exploit packs get intelligent -- Attacks launched based on victim's browser

Virus hunters at Symantec have stumbled upon a malicious server using an attack framework that intelligently chooses exploits based on the client's browser.This is the first sign of the type of reconnaissance attacks predicted by by white hat researchers (See: Do you know what's leaking out of your browser?) and...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple

Blog posts 2007-06-28

Microsoft mulling major changes to ward off .ANI-type flaws

How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista. Michael Howard left has the answer and hes sharing it with us in a candid explanation from Microsoft on the lessons learned from the...

Tags: Botnets, Browsers, Data theft, Exploit code, Firefox, Hackers, Metasploit, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-04-27

Microsoft: Beware of .HLP files

Microsoft: Beware of .HLP filesWhere did it go?Where did the articles bashing Apple for claiming to be superior in security go? All I've seen are articles simply stating the facts about what has been released as vulnerabilities for Vista. How about the articles about wonderful 90 day report...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Microsoft Corp., Microsoft Windows Vista, HLP

Discussion threads 2007-04-11

Office zero-day bugs spoil Patch Tuesday

Office zero-day bugs spoil Patch TuesdayOffice zero-day bugs spoil Patch TuesdayThe user still needs to open the attachment once they get past the big warning screen saying it could be potentially harmful so that right there doesn't make this flaw all that feasible.Patches spoil every software makers repcause they didn't...

Tags: Microsoft Windows, Microsoft Windows Vista (Longhorn), Patches, Spyware, adware & malware, WTF, Patch Tuesday, L.D., Office zero-day bug, zero-day bug, Microsoft Office, Microsoft Windows Vista

Discussion threads 2007-04-10

News to know: Microsoft bug disclosure; Apple Airport security; XP SP3; AMD woe

Notable headlines:Ryan Naraine: Responsible disclosure, the Microsoft way.George Ou: Microsoft fights with researcher over Full Disclosure. A tale of two animated cursor attacks.Apple swats Airport Base Station security bugs.Mary Jo Foley: Microsoft: XP SP3 is still on the schedule for Q1 2008.Microsoft to push fix for patch trouble.Dan Farber: Salesforce.com...

Tags: General

Blog posts 2007-04-10

Microsoft, responsible disclosure, and that 2-year-old kernel flaw

A few weeks ago, I wrote about a Windows kernel vulnerability that was reported to Microsoft on October 22, 2004 and remained unpatched for more than two years.This is a bug I've been following closely since last November when Cesar Cerrudo, the hacker who found it, got tired of waiting...

Tags: Data theft, Browsers, Vulnerability research, Punditocracy, Pen testing, Hackers, Zero-day attacks, Viruses and Worms, Responsible disclosure, Patch Watch, Microsoft, Metasploit, Exploit code

Blog posts 2007-04-09

News to know: Best flash features; Anatomy of ANI attack; Vonage saga; Windows Home Server

Notable headlines: Ryan Stewart: The top 5 new features in Flash CS3. Gallery left.Yahoo Music blog: Wifi-Enabled SanDisk Sansa Connect Features Yahoo! Music Unlimited, LAUNCHcast, Messenger, and Flickr. Tim OReilly: Draft Bloggers Code of Conduct. Gallery: Anatomy of an animated cursor attack right. Ryan Naraine: Asus.com hacked, serving up...

Tags: General

Blog posts 2007-04-09

The source of the problem (Anatomy of an animated cursor attack)

The source of the problem Anatomy of an animated cursor attackNext? Check boxes, Ok buttons, DT Icons, shortcuts, menus, etc....Why would anyone buy MS CRAP!Microsoft wants to rule the world!If you have ANYTHING to do with software (SAP. IBM and even HP) Microsoft is out to get you! They will...

Tags: Microsoft Windows, Operating systems, Cyberthreats, cursor attack, animated cursor attack, anatomy, Microsoft Corp.

Discussion threads 2007-04-06

Anatomy of an animated cursur attack

Earlier this week, Microsoft shipped an emergency out-of-band patch to block zero-day attacks against a code execution hole in the way Windows handles animated cursor (.ani) files. This gallery provides a visual look at elements of the hacker attacks, including malicious Web sites, the exploit in action and the...

Tags: SECURITY, attack, hacker attack, anatomy, exploit, Web site, Microsoft Windows, Microsoft Corp., Web

Image galleries 2007-04-05

eEye spies new code-exection Windows hole

Researchers at eEye Digital Security have flagged a remote code-execution vulnerability in Microsofts dominant Windows operating system.The flaw "allows for remote execution of arbitrary code with minimal user interaction," eEye said in a barebones advisory. The bug carries a "high severity" rating and affects Windows 2000, Windows XP and Windows...

Tags: Hackers, Exploit code, Data theft, Browsers, Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Microsoft

Blog posts 2007-04-05

Mozilla to ship Firefox 'workaround' for .ANI exploit

Mozilla is considering a "workaround" to block the attack vector that puts Firefox users at risk of attacks exploiting the Windows animated cursor (.ani) vulnerability.Because Firefox uses the Windows API function that triggers the vulnerable code, the .ani vulnerability can be exploited through Firefox. (See this Flash demo by...

Tags: Zero-day attacks, Windows Vista, Viruses and Worms, Spam and Phishing, Pen testing, Microsoft, Mozilla, Hackers, Google, Firefox, Data theft, Browsers, Vulnerability research, Spyware and Adware, Responsible disclosure, Patch Watch, Open source, Exploit code, Botnets

Blog posts 2007-04-04

ANI attack update: Rootkits, 'Hot Britney pics' spam

The ongoing Windows animated cursor (.ani) flaw attack just keeps getting worse. The latest reports indicate that an e-mail spam run promising hot photographs of Britney Spears is the latest lure to infect Windows users with backdoor Trojans and keystroke loggers.An alert from Websense Security Labs offers the latest:We...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Exploit code, Digital rights management, Data theft, Browsers, Botnets

Blog posts 2007-04-03

Microsoft fits 7 patches into .ANI emergency update

Microsofts out-of-band update for the critical -- and under attack -- animated cursor (.ani) vulnerability has finally crossed the finish line, one week ahead of Redmonds own schedule but more than three months after it was first reported by a private security research company.The MS07-017 update, which should be...

Tags: Windows Vista, Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-04-03

Microsoft releases emergency patch for seven Windows vulnerabilities

Microsoft has issued an "emergency" patch to fix a Critical remote code execution vulnerability in Windows cursor handling code plus six other vulnerabilities. The bugs affect every version of Windows since Windows 2000, including the latest version of Microsoft Vista. Mac, Linux, and Solaris users are immune. The update contains...

Tags: Microsoft, Linux, General

Blog posts 2007-04-03

News to know: x86 rules; Vista meets Linux; Google TV; Oracle Linux 'idiots'

Notable headlines: Despite its aging design, the x86 still rules.Ed Botts Vista Hands On: Part 1: Access shared folders from a Linux machine. Part 2. George Ou: Firefox ANI exploit on the way - no protected mode. Why is Microsoft hell-bent on ruining their reputation?Donna Bogatin: Google TV ads debut....

Tags: General

Blog posts 2007-04-03

Firefox ANI exploit on the way - no protected mode

Firefox ANI exploit on the way - no protected modeOpera MAY be immune to this, I am checking atmIf someone has Vista and metasploit, could they please try this exploit with Opera 9.1 / 9.2beta please.Nice deflectionWhile the "ANI exploit" may be exploitable through FireFox it is in fact MS's...

Tags: Web browsers, Operating systems, Windows patch, Mozilla Firefox, protected mode, security, Microsoft Corp., operating system, Microsoft Windows

Discussion threads 2007-04-03

Why is Microsoft hell-bent on ruining their reputation?

Why is Microsoft hell-bent on ruining their reputation?You asked the questionhe provided some answers that have been known for years, i'm surprised you still don't believe themHiHe did contribbute something... before you decide what to change you have to analyse whats failing!TimboYou want something more specific?OK - break Microsoft into...

Tags: Spyware, adware & malware, Cyberthreats, Operating systems, Viruses and worms, SECURITY, reorganisation, Microsoft Corp., malware, Nothing, Microsoft Windows

Discussion threads 2007-04-03