Friday, March 30, 2007 9:19 AM
Virus.Org - Windows Cursor 0-Day
Windows Cursor 0-Day
Written by Editor
Friday, 30 March 2007
Yesterday details of a vulnerability where released of a vulnerability in Microsoft Windows with the handling of Icons and Animated Cursors. It also seems that the vulnerability may have been connected with the compromise of the Dolphin Stadium web site last month.
Firstly the Windows vulnerability is a memory-corruption error caused when handling malformed ANI cursor or icon files. The vulnerability can allow the execution of arbitary code on the targeted computer in the context of the user.
An attacker can exploit this vulnerability by enticing and unsuspecting user to access an HTML document which references a specially crafted ANI file. The vulnerability is present on Windows XP SP2, Windows 2003 SP1 and Windows Vista running Internet Explorer 6 and 7. It also seems that this vulnerability can be exploited via email too, with a specially crafted email. In this case Windows XP Outlook Express, Windows Vista Mail and Outlook 2003 are all being vulnerable in default settings.
The vulnerability has been acknowledged by Microsoft in an advisory along with advisories posted by eEye and CERT. The researchers at McAfee have also blogged about this vulnerability.
As to the possible connection with the hacked Dolphin Stadium web site, the hack affected a large number of sites last month. Compromised sites were injected with a script reference that pointed to exploit code. At the time, the exploit code used was for some older previously fixed vulnerabilities. However, it seems after a recent investigation by SANS the same script used in that hack is now serving the exploit code for this vulnerability.
Source: Virus.Org - Windows Cursor 0-Day
Filed under: Security and Anti-Virus, Microsoft Windows, AntiVirus Information, Internet Hacks