Microsoft's Latest Patch: More Than Three Months In The Making, Exploits Unleashed First
.ANI vulnerability attacks expected to worsen even though patch was released.
Microsoft lost its latest race against the bad guys. It was alerted to the .ANI vulnerability in December and began working on a patch immediately. Even so, the fix wasn't ready before exploits started to hit two weeks ago. Once that happened, Microsoft assigned nearly 100 technicians to work round the clock on the patch, which it released April 3.
The vulnerability was in a core area of Windows, complicating patch development, says Mark Miller, director of the Microsoft Security Response Center. "The time line is longer because you have to deal with this core area," he says.
The .ANI vulnerability affects how Windows handles malformed animated cursor files and could let a hacker remotely take control of an infected system. All recent releases of the Windows operating system, including Vista, are at risk, and Internet Explorer is the main attack vehicle, though Firefox users are at risk, too. Users get infected when they visit a Web page that has embedded malware designed to take advantage of the vulnerability or by opening an infected e-mail or attachment.
Researchers expect the attacks to worsen despite the release of the patch. As of last week, more than 700 Web sites were spreading the .ANI exploit, says Dan Hubbard, senior director of research at Websense, a security software company. Exploits are appearing in spam, and automated rootkits are popping up online that let unsophisticated hackers build malware.
Early last week, just before the patch was released, .ANI exploits were the most detected piece of code coming out of Asia, says Craig Schmugar, a McAfee threat researcher. It will become the most utilized exploit around the world in a week or two, he says.
"Getting the patch out early definitely was the right call to make," Schmugar says, but "now that toolkits are posted publicly, more and more hackers will find them and this will just get worse." Not a good prognosis for IT shops trying to stay on top of the malware.