Monday, May 16, 2022
  • Home

Animated cursor attacks escalate; emergency patch coming

April 2nd, 2007 by Jabez Gan [MVP]

Microsoft plans to release an emergency, out-of-cycle Windows update on Tuesday, April 3, 2006 to patch the animated cursor (.ani) vulnerability currently being used in widespread malware attacks.

The decision follows a weekend of escalated attacks, which include a self-propagating worm spotted in China and the discovery of hundreds (possibly thousands) of hacked Web sites hosting animated cursor exploits.

According to Christopher Budd, a program manager in the MSRC (Microsoft Security Response Center), the out-of-band patch is in response to the increased attacks and the public disclosure of proof-of-concept code.

“In light of these points, and based on customer feedback, we have been working around the clock to test this update and are currently planning to release the security update that addresses this issue on Tuesday April 3, 2007,” Budd said in a blog entry.

The proof-of-concept code is available at, a public repository for free exploits. The remote exploit code even bypasses the unofficial patch being offered by eEye Digital Security.


Posted in Windows Vista, Windows XP | 1 Comment »

This entry was posted on Monday, April 2nd, 2007 at 4:31 pm and is filed under Windows Vista, Windows XP. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response

  1. MSBLOG » Blog Archive » ANI Patch now Released!!! Says:

    […] discussed in our previous blog, this update was earlier to the usual second Tuesday monthly Security Release because of the […]