/dev/null / /dev/rant

I just read about this vulnerability and I am asking: can someone explain to me how an “animated cursor” can lead to the execution of arbitrary code??

According to this Secunia advisory from today and the McAfee advisory from March 28 (also found on Microsoft’s site), the animated cursor found in pretty much any Microsoft OS (XP, Vista, 2000, 2003) can be used to exploit the machine? This exploit will give you the same level of access to the machine in question as the user using it. This means, generally speaking, full administrative rights; however, it can be less if your user is just a normal user, such as corporate users.

It is rated EXTREMELY critical because it’s a 0-day exploit and is actually actively being exploited (read: used). Wow... and it even affects VISTA! Could this be the first extremely critical vulnerability for the oh-so-secure-and-flashy Windows Vista?

Now the kicker is that, even as a normal user, you can still run programs, execute scripts or delete your own folder. How would an attacker be stopped from running a deltree * or something similar on your machine? Or zipping your docs up and uploading them to a website? Registry scan? Scan the machine for credit card or Quicken information? And all that because of an animated cursor…

Even better, how about using this exploit to insert kernel-level code, thereby bypassing all the “brilliant” access control safeguards?

I think the worst part, however, is that it is actively being exploited and no patch is available (understandable, since it’s only been a day or two). But come on… an animated cursor? What’s next, the typing on your keyboard will cause a buffer overflow?

Beware of visiting malicious websites and don’t use HTML preview in Outlook and Outlook Express.
