* Animated cursors could prove risky for Windows users, warns Microsoft. *
Henk op xp
HmjE at HOME.NL
Fri Mar 30 13:39:25 CEST 2007
REPLY TO: D66 at nic.surfnet.nl
"
BBC NEWS
Users warned on Windows cursors
* Animated cursors could prove risky for Windows users, warns Microsoft. *
The software giant is investigating reports that the way Windows handles
alternatives to the traditional arrow cursor can leave PCs open to attack.
By booby-trapping a website or e-mail attachment with code that exploits
the flaw, malicious hackers could hijack a Windows PC.
Microsoft warned users to be wary of attachments and urged them to
update security software to combat the threat.
* Open Windows *
Malicious hackers are already known to be exploiting the flaw according
to reports from the Sans Internet Storm Center.
In an alert, Sans said several security firms had seen evidence of
websites being set up, hosting code that can exploit the bug.
Information about it is being spread on bulletin boards malicious
hackers are known to frequent.
PC users could fall victim by opening a booby-trapped attachment on an
e-mail or by visiting a website that is hosting the code.
"Exploitation happens completely silently," said security firm McAfee
which was one of the first to find the bug. Once installed, the exploit
code could download and run any other file, warned McAfee.
Microsoft urged people to update their security software so they could
get hold of signature files that spot and stop the exploit code.
Simply blocking the .ani files that denote animated cursors will not
work as many attackers are renaming booby-trapped files to disguise
their dangerous nature.
Microsoft said that many different versions of Windows were vulnerable
to the attack. The list of potential victims includes Windows Vista, XP,
2000 and Server 2003.
The software firm said those using Outlook Express would be vulnerable
as would those who forward or reply to booby-trapped e-mail messages
with Windows Mail on Vista.
However, it said that users of Outlook 2007 would be protected.
Security firms said users can stay safe from this vulnerability by using
an alternative browser, such as Opera or Firefox 2.0, with Windows. Also
protected are those using Windows Vista with Internet Explorer 7.0.
Story from BBC NEWS:
http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/6509865.stm
"
Zucht ...... wanneer eisen we (overheid) van producenten nu eindelijk
eens deugdelijk materiaal?
Henk Elegeert
**********
Dit bericht is verzonden via de informele D66 discussielijst (D66 at nic.surfnet.nl).
Aanmelden: stuur een email naar LISTSERV at nic.surfnet.nl met in het tekstveld alleen: SUBSCRIBE D66 uwvoornaam uwachternaam
Afmelden: stuur een email naar LISTSERV at nic.surfnet.nl met in het tekstveld alleen: SIGNOFF D66
Het on-line archief is te vinden op: http://listserv.surfnet.nl/archives/d66.html
**********
More information about the D66
mailing list