There are new reports of targeted attacks using a vulnerability in the way Microsoft Windows handles animated cursor (.ANI) files.
These animated cursor files can be hosted on websites and will be triggered upon visiting such sites. They can also be embedded in specially crafted e-mails or attachments within the e-mail.
A sample that is possibly related to this has been obtained and is detected as Exploit:W32/Ani.C since update 2007-03-29_09. This sample downloads a copy of a Trojan that has already been detected as Trojan-Downloader.Win32.Small.ELA.
Until a patch is released, exercise caution when surfing and opening attachments in e-mail.
