Q: Update: (haha)
The patch for the ANI / Animated Cursor vulnerability is now available from there (http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx) (extending from the infected Software and Download Locations link) .
For those interested, Microsoft says theyre going to patch the vulnerability in Animated Cursor out 3-4. Interestingly, it seems FuseTalk MSRC as a forbidden word: confused: so I can not connect directly to the MSRC blog. But still .
Re:Originally posted by: guy
Originally posted by: guy
This update has been giving trouble with Realtek drivers.
I saw something yesterday about MS having released an updated patch that was supposed to not have this problem. There is also an updated Realtek driver available.Microsoft has a hotfix for the Realtek driver issue and the three other known-affected programs. They said the hotfix will be automagically deployed to Automatic Updates or MU/WU users where needed, as part of the April 10th scheduled patch release, but it's been available from here (http://support.microsoft.com/kb/935448/) since the 6th for those who need it.
Re:Originally posted by: guy
This update has been giving trouble with Realtek drivers.
I saw something yesterday about MS having released an updated patch that was supposed to not have this problem. There is also an updated Realtek driver available.
Re:This update has been giving trouble with Realtek drivers.
Re:I'm with you mech, which is why I posted an update to this thread.
Firefox plus the NoScript (http://https://addons.mozilla.org/firefox/722/) plugin would be a safer bet. I also think this combo was immune to the ANI exploit.Re:Originally posted by: guy
The Web site for computer parts manufacturer ASUStek Computer has been hacked and has been serving up attack code that exploits the recently patched .ANI Windows vulnerability. The exploit is hidden in an HTML element on the front page of ASUStek's Taiwanese Web site, which then attempts to download the code from another server. As of Friday afternoon, the server hosting the attack code was not operational, mitigating the risk of this attack, although attackers can always redirect their attacks to a live server. Based in Taipei, ASUStek makes computer accessories like motherboards, video cards, and CD-ROMs. Reliable exploit code that targets this flaw has been circulating for more than a week now. Roger Thompson, CTO with Exploit Prevention Labs, noted that the ASUStek hack shows how easy it is for even trusted Web sites to be compromised: "If a major company like ASUStek can get hacked and be infective, anyone can."
http://www.infoworld.com/article/07/04/06/HNasusteksitehack_1.htmlHow many times we've heard the refrain over in Software…
"Bah, antivirus softwares are for newbies! I don't use any, and I've NEVAR gotten a virus!* I am too leet to visit …umm, bad sites like… what site again? Oh, Asus.com? Seriously? 
"
Or Yahoo, or The Register, or Neowin, or BestBuy, or DolphinsStadium, or pics.bbzzdd.com… the list goes on…
Another interesting facet: FireFox isn't immune to it either (http://www.eweek.com/article2/0,1895,2111290,00.asp). In fact, FireFox on Vista sounds like it might be more exploitable than IE, due to the lack of a Protected Mode (although I heard there's clever ways to run FF and other software at low Integrity level, see invisiblethings (http://theinvisiblethings.blogspot.com/2007/02/running-vista-every-day.html)).
The Mozilla Foundation, which supports Firefox, said in a statement that the ANI vulnerability can be exploited through both Firefox and IE. Mozilla is encouraging all Windows users to apply Microsoft's update immediately. The foundation also said that it is investigating issuing a workaround within Firefox in an upcoming security release.
All things considered, I'll stick to running my daily-driver stuff from a non-Admin user account with a Software Restriction Policy, with antivirus software and patching as the frosting on the cake.
*that they know of, anyway
Re:The Web site for computer parts manufacturer ASUStek Computer has been hacked and has been serving up attack code that exploits the recently patched .ANI Windows vulnerability. The exploit is hidden in an HTML element on the front page of ASUStek's Taiwanese Web site, which then attempts to download the code from another server. As of Friday afternoon, the server hosting the attack code was not operational, mitigating the risk of this attack, although attackers can always redirect their attacks to a live server. Based in Taipei, ASUStek makes computer accessories like motherboards, video cards, and CD-ROMs. Reliable exploit code that targets this flaw has been circulating for more than a week now. Roger Thompson, CTO with Exploit Prevention Labs, noted that the ASUStek hack shows how easy it is for even trusted Web sites to be compromised: "If a major company like ASUStek can get hacked and be infective, anyone can."
http://www.infoworld.com/article/07/04/06/HNasusteksitehack_1.html
Re:I'm impressed to see the IE7 jail for Vista worked to keep this contained. I'd still rather see Windows not have vulnerabilities period, but from a more realistic perspective I hope this is a sign that the jail will be as effective as promised and completely block browser-based vulnerabilities.
PS I can not think of a single good reason why ****** should be verboten. It's not a HTML or SQL statement
Re:Update installed, rebooting shortly to see if it breaks anything.
Re:XP SP2:
http://www.microsoft.com/downloads/deta…-4B78-9463-10AC20A75020&displaylang=en (http://www.microsoft.com/downloads/details.aspx?familyid=F82EA184-945F-4B78-9463-10AC20A75020&displaylang=en)
Re:Bump, the patch is now available (see OP). On Vista x64, my Windows Update list showed it as Important.
Re:Nice, now we wont have to hear about it from Quinton.
0 Comments.