Microsoft Windows Animated Cursor Vulnerability

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Microsoft is reporting that a vulnerability has been found in the way Windows handles animated cursor files. Microsoft is working on the problem and suggests visiting only trusted sites, not clicking on attachments and no talking to strangers.

Microsoft is investigating new public reports of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.
Click to expand...
 
What blows my mind is that Microsoft publicizes the vulnerabilities they find.

"Wow, look at this security risk! Let's make sure to tell everyone in case people start to try it out."

Or get the idea to try it out.
 
What blows my mind is that Microsoft publicizes the vulnerabilities they find.

"Wow, look at this security risk! Let's make sure to tell everyone in case people start to try it out."

Or get the idea to try it out.
Well, a lot of other companies do the same to try to have people be aware of potential problem and remedy work-arounds before it happens. Cisco publicize security problems all the time. Just MHO.:cool:
Click to expand...
Click to expand...
 
They didn't go into detail about the exploit so it's not a big deal. If they didn't mention it and just dropped a patch on us then people would complain about it. They are damned if they do and damned if they don't. What kills me is the fact that they have a vulnerability in an ANIMATED CURSOR! :rolleyes:
 
I'm not saying there's a good way to deal with them. Microsoft could keep quiet while releasing security patches. I just hope that after they publicize these risks, their patches are complete and thorough.

"Hey, here's a risk. Don't even try to act on it because we've already released a patch for it. Got it? Don't mess with our patches!"
 
tesfaye said:
What kills me is the fact that they have a vulnerability in an ANIMATED CURSOR! :rolleyes:
Click to expand...

Heh. When I loaded the forum's front page and scrolled down to News, Steve's headline was cut off. All I saw was "Microsoft Windows Animated Cursor..." Somehow I just knew what the rest of the headline was. :D
 
The girl next to my desk at work has the Microsoft banana cursor. It's not overly animated, but...it's a banana.
 
GJSNeptune said:
The girl next to my desk at work has the Microsoft banana cursor. It's not overly animated, but...it's a banana.
Click to expand...

Hmmm *me thinks of very interesting conversations that can start with having a female coworker who has a banana cursor*:D ;)
 
Probably, but she's just eccentric like that. As soon as we got our new work computers, she changed it to a banana. I don't know. I'm sure she'd appreciate the innuendo, but I'd rather not...peel into that conversation. :p
 
GJSNeptune said:
What blows my mind is that Microsoft publicizes the vulnerabilities they find.

"Wow, look at this security risk! Let's make sure to tell everyone in case people start to try it out."

Or get the idea to try it out.
Click to expand...

Thats nothing, just think of all the times the news has reported vulnerabilities in seaport security, airport security, the border, etc, etc, etc.
 
Quick! Are there any Windows extensions left that haven't had security vulnerabilities?

Let's see, .jpg, .mpg, .scr...

.ico? Any e-mail spamming, hard-drive formatting icons out there?
 
THRESHIN said:
vulnerability in an animated cursor? please tell me this is a joke
Click to expand...
That was exactly my reaction. I mean.....come on. If something as ... ancillary as an animated cursor can be made to compromise a system, I don't even want to know what else is wrong.
 
LOL, the computer gods are simply punishing those who use animated cursors. :D

Sorry, there might be some [H]ard folks out there who use animated cursors, but in my tech work experience, it is usually only the least tech savvy that are interested in animated cursors.
 
Coming soon, Mozilla Mouse. Control your animated cursor! Now with improved extension functionality.

Currently available extensions:

-NoScript for Mozilla Mouse 1.x
-Popup blocker
-PocketMouse™ Personal Cursor Firewall
-Spoofcheesestick
 
GJSNeptune said:
Probably, but she's just eccentric like that. As soon as we got our new work computers, she changed it to a banana. I don't know. I'm sure she'd appreciate the innuendo, but I'd rather not...peel into that conversation. :p
Click to expand...

Maybe she has a BUNCH of friends that use bananas too.:D
 
GJSNeptune said:
Coming soon, Mozilla Mouse. Control your animated cursor! Now with improved extension functionality.

Currently available extensions:

-NoScript for Mozilla Mouse 1.x
-Popup blocker
-PocketMouse™ Personal Cursor Firewall
-Spoofcheesestick
Click to expand...

LOL it's ok, won't be another animouse problem in the next release of Windows O/S!
 
I've always hted those bouncing icons. Oh, and, "Hey, it looks like you're writing a letter." :p
 
srangara said:
Quick! Are there any Windows extensions left that haven't had security vulnerabilities?

Let's see, .jpg, .mpg, .scr...

.ico? Any e-mail spamming, hard-drive formatting icons out there?
Click to expand...
NOTEPAD!! :) .TXT files are next. You think not? Just wait and see. :)
 
You must log in or register to reply here.
Back
Top