Curse that Window's Cursor! - Mercedes-Benz Forum

 
LinkBack Thread Tools Display Modes
post #1 of 3 (permalink) Old 03-30-2007, 10:35 AM Thread Starter
Will Moderate For Cigars
 
cmitch's Avatar
 
Date registered: Apr 2005
Vehicle: 2002 ML320, 2005 S430 4MATIC, 2010 F150 Crew Cab
Location: City on the TN River
Posts: 10,692
Mentioned: 3 Post(s)
Quoted: 204 Post(s)
Lifetime Premium Member
(Thread Starter)
Curse that Window's Cursor!

Yep. That all reliable and stable Windows is in trouble again. I . . . can . . . see . . . you . . . through . . . the . . . cursor . . . hole!

Cursor hole puts Windows PCs at risk
Posted 1h 35m ago
Joris Evers for News.com

A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday.

The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.

An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.

"Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code," Microsoft said in its advisory.

Such holes are often exploited by cybercrooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged website or hacking a trusted site. The website for the Super Bowl stadium is a recent example of a drive-by attack.
FIND MORE STORIES IN: Microsoft | Windows | PCS | Spyware

Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," the security company said in the alert.

Other security experts also raised an alarm. "I expect attackers will pick up on this as soon as they figure out how to, we'll very shortly see the usual suspects using it," said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. "The sample site is already offline; this could be a prelude to a bigger attack."

Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.

The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.

2005 S430 4Matic 'Morton' W220.183 • 722.671 Rest in Peace

Bells and whistles are thorns and thistles.
cmitch is online now  
Sponsored Links
Advertisement
 
post #2 of 3 (permalink) Old 03-30-2007, 12:29 PM
Surely A Large Human
 
Qubes's Avatar
 
Date registered: Jun 2006
Vehicle: '08 C219
Location: Between Earth and Mars
Posts: 34,253
Mentioned: 2 Post(s)
Quoted: 493 Post(s)
Lifetime Premium Member
So, we've waited about 18 months longer than MS said it would take to deliver "Longhorn" (pfffft), while they wiped the slate clean and re-developed Windows - again - nearly ground-up. And how suprising, they repeated the mistakes of the past, by writing in useless "features" without considering the architectural and security ramifications thereof.

It's a necessary evil, for sure, but anyone who argues Vista etc. are the BEST you can buy are out of their ever loving gourds.
Qubes is offline  
post #3 of 3 (permalink) Old 03-30-2007, 12:32 PM
DP
Moderator
 
DP's Avatar
 
Date registered: Aug 2002
Vehicle: 190E, 400E, SLK350
Location: Chesapeak Bay
Posts: 64,125
Mentioned: 2 Post(s)
Quoted: 991 Post(s)
Lifetime Premium Member
We will be assimilated anyway
DP is offline  
Sponsored Links
Advertisement
 
Reply

  Mercedes-Benz Forum > General Mercedes-Benz Forums > Off-Topic

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Mercedes-Benz Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in











  • Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Show Printable Version Show Printable Version
    Email this Page Email this Page
    Display Modes
    Linear Mode Linear Mode



    Similar Threads
    Topic Author Forum Replies Last Post
    Two Year Curse Sergio W124 E,CE,D,TD Class 10 08-30-2006 06:30 AM
    Window's won't shut Gta255 W124 E,CE,D,TD Class 3 08-09-2005 09:57 AM
    SL mouse cursor animated NT2OOO R129 SL-Class 1 04-15-2004 01:06 AM
    The Curse Continues... rage2 R170 SLK-Class 4 09-24-2003 11:43 AM
    is black paint a curse!?! Guest (MBNZ) W203 C-Class 5 06-28-2002 11:42 AM

    Posting Rules  
    You may post new threads
    You may post replies
    You may not post attachments
    You may not edit your posts

    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off
    Trackbacks are On
    Pingbacks are On
    Refbacks are On

     

    Title goes here

    close
    video goes here
    description goes here. Read Full Story
    For the best viewing experience please update your browser to Google Chrome