Serious Vulnerability Affects All Recent Windows Versions

A very serious vulnerability affecting all recent versions of Windows, including Vista has been found in the wild and is actively infecting users.

Microsoft has confirmed the vulnerability in a security advisory and stated the flaw exists in how the system displays animated cursors.

CERT is recommending, "Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases, particularly if a trusted site has been compromised or allows cross-site scripting."

Hopefully Microsoft will release an update for this quickly. In the mean time they haven't done much but post a security advisory.

Be sure you have your anti-virus up to date and keep checking microsoftupdate.microsoft.com for a critical update.

[Vulnerability Note VU#191609 Microsoft Windows animated cursor ANI header stack buffer overflow]