Curse that Window's Cursor! - Mercedes-Benz Forum

 
LinkBack Thread Tools Display Modes
post #1 of 3 (permalink) Old 03-30-2007, 09:35 AM Thread Starter
Will Moderate For Cigars
 
cmitch's Avatar
 
Date registered: Apr 2005
Vehicle: 2002 ML320, 2005 S430 4MATIC, 2010 F150 Crew Cab
Location: City on the TN River
Posts: 10,758
Mentioned: 3 Post(s)
Quoted: 226 Post(s)
Lifetime Premium Member
(Thread Starter)
Curse that Window's Cursor!

Yep. That all reliable and stable Windows is in trouble again. I . . . can . . . see . . . you . . . through . . . the . . . cursor . . . hole!

Cursor hole puts Windows PCs at risk
Posted 1h 35m ago
Joris Evers for News.com

A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday.

The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory.

An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said.

"Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code," Microsoft said in its advisory.

Such holes are often exploited by cybercrooks to do "drive-by" installations of malicious software. Spyware and remote control tools that turn PCs into drones for the attacker are silently loaded onto vulnerable computers by tricking people to visit a rigged website or hacking a trusted site. The website for the Super Bowl stadium is a recent example of a drive-by attack.
FIND MORE STORIES IN: Microsoft | Windows | PCS | Spyware

Sample code that demonstrates the vulnerability has already been posted on the Web, McAfee said in a security alert sent to customers. "Malware exploiting this vulnerability has been observed in the wild," the security company said in the alert.

Other security experts also raised an alarm. "I expect attackers will pick up on this as soon as they figure out how to, we'll very shortly see the usual suspects using it," said Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs. "The sample site is already offline; this could be a prelude to a bigger attack."

Animated cursors allow a mouse pointer to appear animated. The animated-cursors feature is designated by the .ani suffix, but a successful attack is not constrained by this file type, Microsoft said. As a result, simply blocking such files won't protect a PC.

The exposure to attacks that exploit the flaw is mitigated on Vista machines with Internet Explorer 7, Microsoft noted. IE 7 protected mode shields the computer against drive-by installations because the browser is restricted to where it can write files.

2005 S430 4Matic 'Morton' W220.183 • 722.671 Rest in Peace

Bells and whistles are thorns and thistles.
cmitch is offline  
Sponsored Links
Advertisement
 
post #2 of 3 (permalink) Old 03-30-2007, 11:29 AM
Surely A Large Human
 
Qubes's Avatar
 
Date registered: Jun 2006
Vehicle: '08 C219
Location: Between Earth and Mars
Posts: 34,613
Mentioned: 5 Post(s)
Quoted: 640 Post(s)
Lifetime Premium Member
So, we've waited about 18 months longer than MS said it would take to deliver "Longhorn" (pfffft), while they wiped the slate clean and re-developed Windows - again - nearly ground-up. And how suprising, they repeated the mistakes of the past, by writing in useless "features" without considering the architectural and security ramifications thereof.

It's a necessary evil, for sure, but anyone who argues Vista etc. are the BEST you can buy are out of their ever loving gourds.
Qubes is offline  
post #3 of 3 (permalink) Old 03-30-2007, 11:32 AM
DP
Moderator
 
DP's Avatar
 
Date registered: Aug 2002
Vehicle: 190E, 400E, SLK350
Location: Chesapeak Bay
Posts: 64,292
Mentioned: 2 Post(s)
Quoted: 1066 Post(s)
Lifetime Premium Member
We will be assimilated anyway
DP is online now  
Sponsored Links
Advertisement
 
Reply

  Mercedes-Benz Forum > General Mercedes-Benz Forums > Off-Topic

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Mercedes-Benz Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Similar Threads
Topic Author Forum Replies Last Post
Two Year Curse Sergio W124 E,CE,D,TD Class 10 08-30-2006 05:30 AM
Window's won't shut Gta255 W124 E,CE,D,TD Class 3 08-09-2005 08:57 AM
SL mouse cursor animated NT2OOO R129 SL-Class 1 04-15-2004 12:06 AM
The Curse Continues... rage2 R170 SLK-Class 4 09-24-2003 10:43 AM
is black paint a curse!?! Guest (MBNZ) W203 C-Class 5 06-28-2002 10:42 AM

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 

Title goes here

close
video goes here
description goes here. Read Full Story
For the best viewing experience please update your browser to Google Chrome