Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Microsoft Release Animated Cursor Fix PDF Print E-mail
Written by Editor   
Wednesday, 04 April 2007 09:17

Microsoft yesterday released an out of band patch to address the Animated Cursor vulnerability that was released last week and was being actively exploited. The advisory is named ‘Vulnerabilities in GDI Could Allow Remote Code Execution (925902)’ or MS07-017 by Microsoft. 

The patch released by Microsoft addresses the critical issue that has resulted in the Animated Cursor code execution vulnerability that has formed the basis for a worm to compromise users systems. As well as this vulnerability the patch addresses six other vulnerabilities, with these other vulnerabilities rated as important and moderate risk issues.

The addressed vulnerabilities are:

  • GDI Local Elevation of Privilege Vulnerability (CVE-2006-5758)
  • WMF Denial of Service Vulnerability (CVE-2007-1211)
  • EMF Elevation of Privilege Vulnerability (CVE-2007-1212)
  • GDI Invalid Window Size Elevation of Privilege Vulnerability (CVE-2006-5586)
  • GDI Incorrect Parameter Local Elevation of Privilege Vulnerability (CVE-2007-1215)
  • Font Rasterizer Vulnerability (CVE-2007-1213)

These issues are either denial of service or can be used for privilege escalation attacks, we recommend that you implement the patch as soon as possible.

For more details on the patch from Microsoft you can get the full details for MS07-017 here.


Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Wednesday, 04 April 2007 09:19 )