Microsoft Patches Flaw Being Exploited In The Wild

Microsoft has known about a flaw in the way Windows handles animated cursors since December. However, they did not get around to patching it until it was found that malicious developers had found a way to exploit it to install malware on vulnerable systems. Last week, Microsoft released a patch out of cycle from their normal monthly patch release to address the problem. Microsoft Security Bulletin MS07-017 tackles the ANI flaw (dealing with the animated cursors), and a handful of other vulnerabilities as well. It has also been announced that the flaw can be exploited from within the Firefox Web browser running on Windows as well. Check out Microsoft Security Bulletin MS07-017 for more details and links to the necessary patches.