Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
Published: March 29, 2007Microsoft is investigating new public reports of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.
Overview
Purpose of Advisory: To provide customers with initial notification of the publicly disclosed vulnerability. For more information see the “Workarounds and Mitigations” and “Suggested Actions” section of the security advisory.Advisory Status: Issue Confirmed, Security Update Planned
Recommendation: Do not visit untrusted websites or view unsolicited email
