Malicious Website / Malicious Code: Animated Cursor 0-Day Vulnerability

admin · #1 03-30-07, 05:40 AM

Websense® Security Labs™ is currently monitoring an unpatched (0-day) vulnerability in Microsoft Windows. No user interaction is necessary for the exploit to be successful. A computer may become infected by simply visiting a malicious website. This vulnerability exists in the way animated cursors are processed, and is very similar to MS05-002, which was patched by Microsoft in early 2005.At this time, we are aware of 9 different sites hosting the new exploit. We will continue to monitor for any additional sites, as we expect the exploit's usage to increase.One of the sites involved is the same one which targeted Dolphin Stadium during the Super Bowl. It is likely that the same group is behind the current attack.Additional details on the vulnerability are available from Microsoft Security Advisory #935423:http://www.microsoft.com/technet/sec...ry/935423.mspx

More...

Thread Tools
Show Printable Version Email this Page
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
List of IP Addresses & Sites Associated with SCAMS/SPAMS	ScamBuster	Scam & Spam Directory	98	10-28-08 08:34 AM
Informational Alert: Websense Discovers Microsoft Excel High-risk Zero-day Vulnerabil	admin	News - Security Threats & Alerts	0	03-24-08 04:09 PM
MIT Kerberos Vulnerabilities	Scrub	News - Security Threats & Alerts	0	04-03-07 10:32 PM
Microsoft Update for Windows Animated Cursor Vulnerability	Scrub	News - Security Threats & Alerts	0	04-03-07 10:28 PM
Microsoft Internet Explorer 7 Released	admin	Identity Theft- Phishing - Spam - BlackMails	0	11-08-06 03:48 PM