Windows ANI patch problems reported

By Bill Brenner, Senior News Writer 04 Apr 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

The Bethesda, Md.-based SANS Internet Storm Center (ISC) reported some installation problems with the patch released in MS07-017, which fixes a glitch in how Windows handles animated cursor (.ani) files.

"We have received several emails today from people who are having problems with the patch," ISC handler Deborah Hale wrote on the site. She said Microsoft is working to address the problems and is asking anyone who has trouble after installing the patch to contact Microsoft Product Support Services at 1-866-PCSAFETY. The ISC site links to Microsoft, which addresses some of the problems reported so far.

MS07-017 was released a week ahead of Microsoft's regularly-scheduled security update because the flaw has been targeted in a number of attacks. Microsoft confirmed last week that attackers could exploit it to run malicious commands on a victim's machine. The flaw can be exploited when users visit a malicious Web site or open a tainted email attachment. Users are at risk even if they are browsing with Internet Explorer 7 on a system running Windows Vista. Most versions of Windows are vulnerable.

Windows ANI flaw: Microsoft releases patch for Windows ANI flaw: Security companies are seeing massive attacks against the Windows ANI zero-day flaw, prompting Microsoft to rush out a fix a week before Patch Tuesday. Microsoft warns of Windows zero-day; third-party fix released: Attackers are exploiting a new zero-day flaw in Windows, Microsoft confirmed Thursday. eEye Digital Security has released a temporary patch.

Alexander Sotirov, a researcher at Redwood City, Calif.-based Determina Inc. who discovered the ANI flaw last December and reported it to Microsoft, said in the Determina Security blog that the popular Mozilla Firefox browser is also susceptible to the flaw.

His posting included a short flash video demonstrating an exploit against the ANI vulnerability in which he says, "It turns out that Firefox uses the same vulnerable Windows component to process .ani files, which means it can be exploited in a way similar to Internet Explorer."

The news may be disheartening to Firefox users who view the open source browser as a safer alternative to the much-attacked Internet Explorer.

Mozilla has already released a number of Firefox security updates this year. Mozilla security chief Window Snyder said in a recent interview that Mozilla tries to issue a security upgrade every six weeks or so.

"We're continuously looking for vulnerabilities and continuously fixing them," she said at the time. "Users don't have to wait for the next version of the product to get a lot of the benefits of the security work we're doing. They get it on a regular basis."

Tags: Security Patch Management,  Windows Security: Alerts, Updates and Best Practices,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Adobe fixes critical Shockwave Flash Player flaw Mozilla patches 11 Firefox security flaws, JavaScript errors Microsoft patches WebDAV security vulnerability in bevy of updates Adobe issues first quarterly patch release fixing 13 flaws Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Adobe shifts to Microsoft patching process, incident response plan Software delivery could fix software patching issues Microsoft updates Office to address serious PowerPoint vulnerabilities Microsoft to patch critical PowerPoint zero-day flaw Firefox update addresses several security flaws Windows Security: Alerts, Updates and Best Practices New attack code targets Microsoft ActiveX zero-day vulnerability When BIOS updates become malware attacks Microsoft patches WebDAV security vulnerability in bevy of updates Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Hackers targeting unpatched Microsoft DirectShow flaw Microsoft warns of IIS zero-day vulnerability Microsoft updates Office to address serious PowerPoint vulnerabilities Microsoft to patch critical PowerPoint zero-day flaw How to perform Microsoft Baseline Security Analyzer (MBSA) scans Microsoft patches serious Excel zero-day, Windows flaws

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary