-=PCTechTalk=- US-CERT Cyber Security Alert SA07-089A -- Microsoft Windows ANI Vulnerability
- From: "David F. Wooledge" <wooledge001@xxxxxxxx>
- To: PCTechTalk <pctechtalk@xxxxxxxxxxxxx>, accmail Juno <juno_accmail@xxxxxxxxxxxxx>
- Date: Fri, 30 Mar 2007 22:25:27 -0700 (PDT)
--- US-CERT Alerts <alerts@xxxxxxxxxxx> wrote:
> Date: Fri, 30 Mar 2007 15:12:58 -0400
> From: US-CERT Alerts <alerts@xxxxxxxxxxx>
> To: alerts@xxxxxxxxxxx
> Subject: US-CERT Cyber Security Alert SA07-089A -- Microsoft Windows ANI
> Vulnerability
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> National Cyber Alert System
>
> Cyber Security Alert SA07-089A
>
>
>
> Microsoft Windows ANI Vulnerability
>
> Original release date: March 30, 2007
> Last revised: March 30, 2007--
> Source: US-CERT
>
>
> Systems Affected
>
> Microsoft Windows 2000, XP, Server 2003, and Vista are affected.
> Affected applications include:
>
> * Microsoft Windows
> * Microsoft Internet Explorer
> * Microsoft Outlook
> * Microsoft Outlook Express
> * Microsoft Windows Mail
> * Microsoft Windows Explorer
>
>
> Overview
>
> A vulnerability exists in Microsoft Windows that could allow an
> attacker to gain control of your computer.
>
>
> Solution
>
> Until updates are available, the following may reduce the chances of
> successful exploitation:
>
> Do not follow unsolicited or suspicious links
> Do not click unsolicited links received in email, instant messages,
> web forums, or internet relay chat (IRC) channels. Type URLs directly
> into the browser to avoid these misleading links.
>
> Do not open or read untrusted email
>
> Do not open or read email that comes from unknown or untrusted
> sources.
>
>
> Description
>
> A vulnerability exists in Microsoft Windows that could allow an
> attacker to gain control of your computer. This vulnerability occurs
> when Microsoft Windows processes malicious animated cursor files.
>
> US-CERT is tracking this issue as VU#191609.
>
>
> References
>
> * US-CERT Technical Cyber Security Alert TA07-089A -
> <http://www.us-cert.gov/cas/techalerts/TA07-089A.html>
>
> * Vulnerability Note VU#191609 -
> <http://www.kb.cert.org/vuls/id/191609>
>
> * Microsoft Security Advisory (935423) -
> <http://www.microsoft.com/technet/security/advisory/935423.mspx>
>
> * Unpatched Drive-By Exploit Found On The Web -
> <http://www.avertlabs.com/research/blog/?p=230>
>
> * TROJ_ANICHMOO.AX - Description and Solution
>
-<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FANICMOO%2EAX>
>
> ____________________________________________________________________
>
> The most recent version of this document can be found at:
>
> <http://www.us-cert.gov/cas/alerts/SA07-089A.html>
> ____________________________________________________________________
>
> Feedback can be directed to US-CERT Technical Staff. Please send
> email to <cert@xxxxxxxx> with "SA07-089A Feedback VU#191609" in the
> subject.
> ____________________________________________________________________
>
> For instructions on subscribing to or unsubscribing from this
> mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
> ____________________________________________________________________
>
> Produced 2007 by US-CERT, a government organization.
>
> Terms of use:
>
> <http://www.us-cert.gov/legal.html>
> ____________________________________________________________________
>
> Revision History
>
> March 30, 2007: Initial release
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
>
> iQEVAwUBRg1e++xOF3G+ig+rAQKjtQgAg9cM+NQKBBRANft1qpove1nKiaAx26ve
> bRH90rqKTdPGBpBRm4O+ePJBhYy2jqIxhzSHL4d2gy9K81dL79wm2ELVHYCAC2US
> q/SHvxNyvfRiLrZFIDd94t+gPNwhk43jaeXhwJEOj7DVRXnv1xZQWJoJkjuOk6/G
> w4QjeuLnJMk72ZeYBGvPq6oZTTRCjY4JY+b7oGkWZ+2lgleNvFZwpAwHdNDJk9UD
> swH9Ubk4FVeqY3ety8BQKnSE48+2Un7qVoO72bxS7+7PK05zNdC9mhHLa8Q6LIjg
> V4wBTYmkFsE0eiWi5TnSKXtB+fIKl9tjUQrG2HSH2NQJaqwYleqSCg==
> =0LVO
> -----END PGP SIGNATURE-----
>
>
--
Please remember to trim your replies (including this sentence and everything
below it) and adjust the subject line as necessary.
To unsubscribe or change your email settings:
http://www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/
Other related posts:
- » -=PCTechTalk=- US-CERT Cyber Security Alert SA07-089A -- Microsoft Windows ANI Vulnerability