Microsoft plans to release an emergency, out-of-cycle Windows update on Tuesday, April 3, 2006 to patch the animated cursor (.ani) vulnerability currently being used in widespread malware attacks.

The decision follows a weekend of escalated attacks, which include a self-propagating worm spotted in China and the discovery of hundreds (possibly thousands) of hacked Web sites hosting animated cursor exploits.

According to Christopher Budd, a program manager in the MSRC (Microsoft Security Response Center), the out-of-band patch is in response to the increased attacks and the public disclosure of proof-of-concept code.

“In light of these points, and based on customer feedback, we have been working around the clock to test this update and are currently planning to release the security update that addresses this issue on Tuesday April 3, 2007,” Budd said in a blog entry.

The proof-of-concept code is available at Milw0rm.com, a public repository for free exploits. The remote exploit code even bypasses the unofficial patch being offered by eEye Digital Security.

Source: http://blogs.zdnet.com/security/?p=145&tag=nl.e622