14 DAY TRIAL // It took Microsoft more than three months to come up with a patch for the Windows Animated Cursor Handling critical vulnerability but not until the flaw began being exploited in the wild. On the first day of April, Microsoft Security Response Center revealed that the company would make available an out of band security update that will address the .ani files vulnerability.
"On Tuesday 3 April 2007 Microsoft is planning to release one Microsoft Security Bulletin affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer," reads an excerpt of the Microsoft Security Bulletin Advance Notification published on April 1, 2007.
Christopher Budd, MSRC security program manager, revealed that Microsoft has been actively monitoring the situation since exploits have been initially reported and that throughout the weekend, "attacks against this vulnerability have increased somewhat." The Redmond Company failed to provide the true extent of "somewhat," but the growing volume of attacks coupled with the public disclosure of proof-of-concept code and with customer feedback have convinced Microsoft to issue an out of band patch.
"I'm sure one question in people's minds is how we're able to release an update for this issue so quickly. I mentioned on Friday that this issue was first brought to us in late December 2006 and we've been working on our investigation and a security update since then. This update was previously scheduled for release as part of the April monthly release on April 10, 2007. Due to the increased risk to customers from these latest attacks, we were able to expedite our testing to ensure an update is ready for broad distribution sooner than April 10," Budd stated.
However, MSRC also informed of the possibility that the update designed to tackle the Windows Animated Cursor Handling vulnerability would not be issued as planed on April 3, due to quality concerns.