Patch for ANI Cursor VulnerabilityPatch for a vulnerability that requires user interaction by viewing a malicious Windows animated cursor (.ANI) file | |
Download |
Patch for ANI Cursor Vulnerability Ranking & Summary
Advertisement
- License:
- Freeware
- Publisher Name:
- eEye Digital Security
- Operating Systems:
- Windows 2K / XP / 2003 / Vista
- File Size:
- 961 KB
Patch for ANI Cursor Vulnerability Tags
Patch for ANI Cursor Vulnerability Description
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user. This vulnerability requires user interaction by viewing a malicious Windows animated cursor (.ANI) file. .ANI files are commonly used by web developers to display custom cursor animations to enhance web-site experiences. The most potent attack method is by embedding a malicious .ANI file within an HTML web page. Doing so allows the vulnerability to be exploited with minimal user interaction by simply coaxing a user to follow a hyperlink and visit a malicious web site. Other exploit vectors exist including Microsoft Office applications since they also rely on the same .ANI processing code, making e-mail delivery also a potent threat by using Microsoft Office attachments. Since .ANI processing is performed by USER32.dll and not the attack vector application itself, all attack vectors have the potential to use a similar exploit with similar address offsets targeted at Windows directly, allowing for a very reliable exploit. Users who install this patch should note: · This patch is a temporary fix and should be removed before the official Microsoft patch is installed. · It is recommended that users test this patch thoroughly before installing. · This patch only supports Windows 2000, Windows XP, Windows Server 2003, and Windows Vista. · This patch will not work on x64 or Itanium architectures. · To install silently run this command: WindowsAnimationPatchSetup.exe /qn · To uninstall silently run this command: msiexec /qn /x {DFEF2523-72D0-483F-A1C2-FC29B71B166A} · This patch includes a checker that will uninstall itself when it detects a Microsoft patch has been installed. To disable the checker, run the installation with this command line (command is case-sensitive): WindowsAnimationPatchSetup.exe NOCHECKER=1
Patch for ANI Cursor Vulnerability Related Software