We add confidence to computing
CALL (+91) 22 28265701, 93223 59065.
Free 24x7 Assistance
Forums: http://forums.mwti.net
Home                                
AntiVirus, AntiSpyware, AntiSpam Products for
Download Center
Partners Section
Support Center
Buy Online
Renew Your Products
Virus Information
Tell A Friend
Bookmark This Page
About Us
Events
Contact Us
Career With Us
  Home » Press Release
  MicroWorld Press Release
  
 
   
 
 
Microsoft goes out of cycle to patch cursor vulnerability - 04 April 2007

Security experts at the AntiVirus and Content Security firm MicroWorld Technologies say that new exploits are out on the Internet and are being actively exploited using many malicious websites, while Microsoft Corporation broke its monthly patch cycle and released a security fix yesterday for the critical cursor vulnerability referred to as CVE-2007-1765.

The flaw in question is a remote code execution vulnerability that exists in the way Windows handles cursors, animated cursors and icons that use .ani files. These are the files that help changing the cursor into a heart, a bee, a fighter plane, or any other animation.

An attacker can exploit the vulnerability by constructing a tricky cursor that can potentially allow Remote Code Execution when a user visits a malicious website or views a specially crafted e-mail message. If the attacker succeeds in exploiting the vulnerability, he or she can take over the computer and perform operation on it, while in some other cases, it turns out to be a Denial of Service attack by causing continuous system reboots.

"The main danger with this vulnerability is that it doesn't require active user participation for an exploit to work through this loophole. Instead, a victim just needs to visit a website or view an email in Outlook Express to make way for an attacker to take control of the computer. And I believe that's precisely why Microsoft has gone ahead of the regular schedule to patch this vulnerability," views Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies.

According to Sunil Kripalani the first variant that exploited this vulnerability was 'Win32.IMG-ANI.d, while MicroWorld Technologies now protects its users against 8 more of its variants out in the wild. Unknown variants and newly created mutants will also be blocked using the Intention Analysis employed by MicroWorld products. He also urged all Windows users to immediately patch their systems with the fix provided by Microsoft, downloadable at http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx.

MicroWorld Technologies provides up-to-second protection against all kinds of malicious programs and zero-day vulnerability exploits in its eScan and MailScan range of security products. These products use a unique technology called MWL to facilitate malware scanning at Winsock Layer, update threat vaccines at the earliest and use some highly advanced methods in spam control.


MicroWorld

MicroWorld Technologies (www.mwti.net) is the developer of the world's most advanced AntiVirus, Content Security and Firewall software eScan, MailScan, and eConceal. MicroWorld Winsock Layer (MWL) is the revolutionary technology that powers most of MicroWorld products enabling them to achieve several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready.


To learn more, kindly visit http://www.mwti.net.

From

MicroWorld
Email: response@mwti.net

 
 





Corporate Links
Corporate Info
Our Vision

Press Center

Press Releases

MicroWorld Offices

Career With Us

Awards Earned
Click here for more awards of eScan

Customer Feedback

 

Hi There I must say your support is great I only wish other tech companies were half as good.

David Hyde

--------------------------
I really appreciate all your help with the Microsoft fiasco the other day. You always go the extra mile and no matter how it seems, I greatly appreciate you.

Jay Traylor
   
Copyright © 2009 MicroWorld Technologies Inc. - AntiVirus & Content Security