eEye issues temporary patch for Windows cursor flaw

Security vendor eEye has issued a temporary workaround for a zero-day exploit which takes advantage of a vulnerability in the Windows cursor.

The hole in animated cursor (.ani) files for Windows, was flagged by Microsoft in an advisory last week, but there are fears it is spreading rapidly. An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said at the time. All versions of Microsoft Windows are vulnerable, including Vista, which the software giant promotes as the most secure yet.

eEye's fix stops Web sites from loading potentially malicious animated icons, according to the company's advisory. It goes on to warn that its fix is only temporary, and that users should uninstall it once Microsoft has released an official patch.

Microsoft has said it will issue an early, out-of-cycle patch for the flaw.

Talkback 0 comments

• Security/Network Engineer Cisco PIX/Checkpoint
• Finance Manager Risk Assessment & Compliance, Asia Pacific
• Network Security Engineer
• BUILDING SERVICES Senior Electrical Engineer. $136 117K. Project Security
• Junior Security Analyst

TechGuides

Hands-on programming: Extract plain text from documents with Syncfusion's components

Justin James recently tried Syncfusion's Essential DocIO and Essential PDF to help him extract text from documents he downloaded from the Internet. Here's the code he wrote to get the plain text.

Read more »

Latest from Blog Central

Will technology divide us further?

Read more »

Cutting-edge technology from premium sponsors

Adaptive Threat Management

High Performance Security for your Distributed Enterprise

Achieve lower TCO, agility, risk mitigation, compliance, and productivity

Webcast series: Cybercrime is a growth industry - is your organisation prepared?

More resources to optimize the security of your enterprise »

Brought to you by:

 

 

 

More Tech Showcases:

Juniper Networks

Hitachi Eco-Products