F-Secure corporation warns computer users of the recently discovered Windows Animated Cursor Handling vulnerability, also known as the ANI exploit. The exploit was first discovered on Friday. It is related to the cursor animation files used by Windows.
Over the weekend the amount of attacks using this exploit have
intensified. Majority of the attacks have been traced back to
different Chinese hacker groups.
Microsoft has not yet released a patch against the
vulnerability. For now, the best way for end users to protect
themselves is to use an antivirus product to block the malicious
ANI files.
"We’ve seen a lot of activity relating to the ANI exploit during
the weekend", says Mikko Hypponen, the Chief Research Officer at
F-Secure. "This vulnerability is really tempting for the bad guys.
It's easy to modify the exploit, and it can be launched via web or
email fairly easily. We hope to see Microsoft release a patch for
this exploit very soon."
Most of the activity around the ANI exploit has been via dozens
of malicious websites that will attack the user if he visits the
page with the most common versions of Internet Explorer. However,
on Sunday the first worm using this exploit to spread was
found.
F-Secure's security products detect and block the known versions
of the ANI exploits and worms.
About F-Secure Corporation
F-Secure Corporation protects consumers and businesses against
computer viruses and other threats from the Internet and mobile
networks. We want to be the most reliable provider of security
services in the market. One way to demonstrate this is the speed of
our response. According to independent studies in 2004, 2005 and
2006 our response time to new threats is significantly faster than
our major competitors. Our award-winning solutions are available
for workstations, gateways, servers and mobile phones. They include
antivirus and desktop firewall with intrusion prevention, antispam
and antispyware solutions. Founded in 1988, F-Secure has been
listed on the Helsinki Exchanges since 1999, and has been
consistently growing faster than all its publicly listed
competitors. F-Secure headquarters are in Helsinki, Finland, and we
have regional offices around the world. F-Secure protection is also
available as a service through major ISPs, such as Deutsche
Telekom, France Telecom, PCCW and Charter Communications. F-Secure
is the global market leader in mobile phone protection provided
through mobile operators, such as T-Mobile and Swisscom and mobile
handset manufacturers such as Nokia. The latest real-time virus
threat scenario news are available at the F-Secure Data Security
Lab weblog at
http://www.f-secure.com/weblog/
For more information, please contact:
Mikko Hypponen, Chief Research Officer
F-Secure Corporation
Tel. +358 400 648180
Email: firstname.lastname@f-secure.com
