Game On: Microsoft to Issue Emergency Patch Patch Issued Early for ANI Cursor Vulnerability Michael Hickins
Microsoft (Quote) will issue a security update on Tuesday to protect customers from a new criminal attack on their computers, according to a company spokesperson. A security expert said the attacks originate in China and have focused on obtaining the credentials of online role-playing gamers.
The new virus, originally reported last week, exploits a vulnerability in how Microsoft operating systems, including Windows Vista as well as previous versions of Windows, handle animated cursor (.ANI) files. The attack vector can be either a Web page or e-mail message containing the malicious code.
Microsoft had originally planned to release the patch next Tuesday as part of its regular monthly release of security bulletins, but decided to release the update ahead of schedule because it has become "aware of the existence of a public attack utilizing the vulnerability," the spokesperson said in an e-mail.
The spokesman added that "Microsoft's monitoring of attack data continues to indicate that the attacks and customer impact is limited."
But according to Ken Dunham, director of the rapid response team at iDefense Verisign intelligence operations, exploitation of the vulnerability took off over the weekend. "The new ANI exploit will be a long-term persistent threat, one of the most significant we've seen in the past three years," he wrote in an e-mail.
According to Dunham, hacker log files and payloads indicate that many of the original attacks, mainly out of China, are focused on the theft of role-playing game credentials. "Real hackers are making real money in a virtual world," he wrote.
Thus far, however, all exploits to date have impacted only Windows XP SP2. But Dunham cautioned that the attacks will pose a significant danger to enterprises as the work week resumes.
Microsoft said customers should download the patch, MS07-17, to protect themselves from the exploitation. Customers who use Automatic Updates will receive the update automatically and do not need to take any additional actions.
Consumers can also manually download and deploy the update by visiting the Microsoft Windows Update page.
