This is just an FYI for those who may not be following the latest Windows 0-day vulnerability and an upcoming out of cycle patch. Last Thursday, Microsoft published a Security Advisory (935423) describing a vulnerability in Animated Cursor Handling affecting a range of Windows OS versions. The result is that a user that visits a malicious website or reads a specially crafted HTML e-mail may automatically trigger the vulnerability and executing arbitrary code running as that user.
Microsoft's Security Response Center has indicated that an out of cycle patch will be released for this vulnerability as soon as tomorrow (April 3rd) due to increased attacks and publicly available proof of concept code circulating around.
This one is primarily a problem for Windows workstations as it is triggered through user action such as web browsing or reading e-mail. We have also seen some activity on the campus intrusion detection sensor that indicates possible use of this exploit on campus.
So keep an eye out for this patch and apply it as soon as possible to your systems.
Microsoft Security Advisory (935423)
Microsoft Security Response Center Blog
Posted by Addam Schroll on April 02, 2007, in Handlers Log.