Microsoft Security Bulletin

Normally, Microsoft releases their Security Bulletins and associated patches once a month, on the second Tuesday of each month. Last week, Microsoft released Security Bulletin MS07-017 out of cycle to address a flaw with ANI that was being actively exploited in the wild.

ANI is used in managing animated cursors and some malicious web sites were exploiting the animated cursor flaw to install malware on vulnerable systems.

The flaw affects Windows 2000, Windows XP, Windows Server 2003 and Windows Vista, and has also been found to be exploitable from within the Firefox Web browser software running on Windows.

For more details, or to download the necessary patch, check out the Security Bulletin below:

• Microsoft Security Bulletin MS07-017