Microsoft to patch animated cursor bug early

Microsoft Corp. will patch the increasingly dangerous Windows animated cursor vulnerability tomorrow, a week early, said a spokesman of the company’s security team.

“Microsoft originally planned to release the update on Tuesday, April 10, as part of its regular monthly release of security bulletins,” the spokesman said in an e-mail. “However, Microsoft is aware of the existence of a public attack utilizing the vulnerability, [and] since testing has been completed, Microsoft will release the update ahead of schedule to help protect customers.”

The announcement followed a weekend of escalating warnings from security organizations and reports from China’s Internet Security Response Team (CISRT) of a worm in the wild using the unpatched vulnerability. Symantec Corp. and other antivirus companies confirmed the existence of the Fubalca worm yesterday.

Over the weekend, a number of events showed the speed with which attackers were moving. First, exploit source code was publicly posted on a security mailing list, then McAfee Inc. said it had seen at least one spam run that linked to the exploit, and finally, Websense Inc. claimed that it had spotted more than 100 malicious sites spreading the exploit, a tenfold increase over the day before.

Microsoft’s decision to push the patch out tomorrow may have come just in time. This weekend, Ken Dunham, director of VeriSign Inc.’s iDefense rapid-response team, said, “We are in the eye of the storm. Spam run-type attacks pose significant danger to enterprises as the workweek resumes. Popularization of the exploit is under way amongst multiple hackers, and it’s trivial to use and modify.

“This is undoubtedly a serious issue that will persist for many months if not years, attacking vulnerable computers,” said Dunham.

On Saturday, Microsoft’s Security Response Center (MSRC) added Windows Server 2003 Service Pack 2 to the long list of Windows editions affected by the bug. Yesterday, Christopher Budd, an MSRC program manager, acknowledged that attacks leveraging the flaw had increased. “In light of these points and based on customer feedback, we have been working around the clock to test this update,” Budd said on the MSRC blog.

The emergency fix, pegged as MS07-017, will be released through Microsoft’s normal channels, including Automatic Updates, Windows Update and the enterprise-oriented Windows Server Update Services. MS07-017 will be only the third out-of-cycle patch from Microsoft in more than two years.

–IDG Newswire

Comment: cdnedit@itbusiness.ca

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.