14 DAY TRIAL // Microsoft delivered on its promise to release an out-of-band security update for the vulnerability impacting Windows Animated Cursor Handling. In the context in which the volume of attacks targeting the .ANI file format vulnerability was increasing and with Proof-of-Concept code available in the wild, Microsoft has made available Security Bulletin MS07-017 on April 3 2007, addressing multiple vulnerabilities in GDI.
"We originally planned to release the update on Tuesday, April 10, 2007 as part of our regular monthly release of security bulletins. We have been monitoring the situation throughout and our indications, and those of our MSRA partners, show there is a threat for attacks against this vulnerability to increase although we haven't seen anything widespread. Based on customer feedback and our teams' ability to complete testing in an expedited manner by working around the clock, we've gone ahead and released this update early to help better protect customers from this threat," revealed Christopher Budd, Security Program Manger with MSRC.
According to the Redmond Company, Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2, Windows Server 2003 for Itanium-based Systems, Windows Server 2003 with SP1 for Itanium-based Systems, and Windows Server 2003 with SP2 for Itanium-based Systems, Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 and both 32-bit and 64-bit editions of Windows Vista are all affected.
However, Microsoft did not only patch the Windows Animated Cursor Remote Code Execution Vulnerability, but also six other GDI vulnerabilities. However, only the .ANI file format vulnerability received a Critical severity level and it is the only one that, in the eventuality of a successful exploit, will allow for remote code execution.
The additional security updates released with the MS07-017 bulletin are as follows:
- GDI Local Elevation of Privilege Vulnerability - CVE-2006-5758 - Elevation of Privilege - Important - WMF Denial of Service Vulnerability CVE-2007-1211 - Denial of Service - Moderate - EMF Elevation of Privilege Vulnerability CVE-2007-1212 - Elevation of Privilege - Important - GDI Invalid Window Size Elevation of Privilege Vulnerability CVE-2006-5586 - Elevation of Privilege - Important - GDI Incorrect Parameter Local Elevation of Privilege Vulnerability - CVE-2007-1215 - Elevation of Privilege - Important - Font Rasterizer Vulnerability - CVE-2007-1213 - Elevation of Privilege
"Although Microsoft has now issued a patch against this critical vulnerability, it is unlikely that we have seen the last of hackers' attempts to exploit the security flaw," said Graham Cluley, senior technology consultant at Sophos. "It is essential that every Windows computer is patched against this security hole, as cybercrimals are hell-bent on using flaws like this to break into as many computers as possible in their pursuit of hard cash."