A week before its monthly Patch Tuesday release, Microsoft plans to release an emergency patch Tuesday for the four-month-old animated cursor file (.ANI) vulnerability in Windows after attacks using the flaw spiked over the weekend.
"From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat," wrote Christopher Budd, security program manager at Microsoft's Security Response Center, in a Monday blog post.
The public disclosure of proof-of-concept code and customer feedback has spurred Microsoft researchers to work "around the clock" to test the update, Budd wrote.
Security researchers rushed to offer their assessments on what appears to be most serious security vulnerability of 2007. Websense Security Labs said it's tracking more than 100 Web sites that are spreading the .ANI exploit, most of which are downloading and installing password-stealing code. Researchers from McAfee's Threat Center said they discovered a spam campaign that attempts to drive users to a Web site hosting exploit code.
Researchers from the Chinese Internet Security Response Team (CSIRT) said they've discovered a worm using the .ANI exploit that's spreading.
The worm, which mimics the behavior of the Win32.Fujacks worm, inserts malicious links into .HTML, .ASPX, .HTM, .PHP, .JSP, .ASP and .EXE files, directing users to sites hosting the .ANI exploit, according to a Monday CSIRT bulletin.
Microsoft had originally planned to patch the .ANI flaw as part of its April 10 monthly patch release, but the company was able to speed up the testing process and release a fix ahead of schedule, Budd wrote.
"Due to the increased risk to customers from these latest attacks, we were able to expedite our testing to ensure an update is ready for broad distribution sooner than April 10," Budd wrote.
However, he said it's possible that Microsoft could be forced to delay the release of the patch if the company encounters any unforeseen issues in testing the patch.
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
|
10 Security Predictions For 2012 CRN looks into its crystal ball and sees Android, hactivisim and cyber-espionage as some of the top 10 security threats in 2012. |
|
10 Biggest Security Breaches Of 2011 The Top 10 Security Breaches of 2011 show hackers were relentless in their pursuit of profit, compromising computer systems of universities, video-game makers and the largest banks. |
 More
Slide Shows |
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
- Remote Management and IT Security: Building Profits While Reducing Costs
