Security flaw puts puts Windows, including Vista, PCs at risk; malware already observed in the wild

Apple Store“A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday,” Joris Evers reports for CNET News.

“The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory,” Evers reports. “An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.”

“Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. ‘Malware exploiting this vulnerability has been observed in the wild,’ the security company said in the alert,” Evers reports.

“‘I expect attackers will pick up on this as soon as they figure out how to, we’ll very shortly see the usual suspects using it,’ said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. ‘The sample site is already offline; this could be a prelude to a bigger attack,'” Evers reports.

Evers reports, “The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won’t protect a PC.”

Full article here.

Windows Vista ANI File Handling DoS:

Related articles:
National Security Agency gives Apple’s Mac OS X 10.4 Tiger glowing security endorsement – March 22, 2007
Lack of Apple Mac malware baffles expert – March 21, 2007
Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007
Bill Gates has lost his mind: calls Apple liars, copiers; slams Mac OS X security vs. Windows – February 02, 2007
Security firm: 38-percent of malware already Windows Vista-compatible – January 22, 2007
FUD Alert: CNET tries to equate Windows’ insecurity to handful of Mac OS X proof-of-concepts – December 02, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003

69 Comments

  1. Business as usual for M$, their anti-virus flackies, and those delusional sufferers who continually bash themselves in the head with a steel mallot (i.e. continually purchase M$ products).

    Breathe the fresh, clean air my Apple Macintosh friends.

  2. Windows Defender Pretender: “Your visiting the web site ‘britneysnudephotos.org’, Deny or Allow?”

    Vista Loser: “Allow”

    Windows Defender Pretender: “You’ve downloaded a animated cursor, do you wish to install? Deny or Allow?”

    Vista Loser: “Deny”

    Windows Pretender Defender: “Too late” Do you wish for the associated malware to take over your computer? Deny or Allow”

    Vista Loser: “DENY GODDAMMIT!!”

    Windows Pretender Defender: “Too late” “Deleting files, Deny or Allow?”

    Vista Loser: “Please God NOOOOOOO!!”

  3. “Only Microsoft could have an insecure cursor.”

    Yeah, and only Apple could have insecure shell scripts disguised as JPG’s, PDF’s, MP3’s, and what have you. Remember that one? Remember Mac users downloading illegal MP3’s with Limewire, trying to play the file and getting their home folders wiped out? Of course you don’t – it’s too convenient to “forget” when some vulnerability strikes home in the pathetically small Mac user-base.

    And BTW – can somebody tell me just WTF this headline has to do with Mac Daily News? Or are we back to Microsoft Daily News again? I’m not quite sure what the “M” in “MDN” stands for these days.

  4. “A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday,”
    Did somebody tell Bill about this? He seems unaware of any of Vistas flaws from what I’ve heard him spew. Macs get taken over daily according to Mr Gates…. huh…

  5. Reality Check! Relax, it’ll all get better real soon. Just take this pill and all your rage and fear will go away.

    See, it worked for us. Now you try.

    ” width=”19″ height=”19″ alt=”grin” style=”border:0;” />

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.