- Microsoft Windows
- Microsoft Internet Explorer
- Microsoft Outlook
- Microsoft Outlook Express
- Microsoft Windows Mail
- Microsoft Windows Explorer
A vulnerability exists in Microsoft Windows that could allow an attacker to gain control of your computer. This vulnerability is being actively exploited.
Until you are able to install updates, the following may reduce the chances of successful exploitation:
- Do not follow unsolicited or suspicious linksDo not click unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links.
- Do not open or read untrusted emailDo not open or read email that comes from unknown or untrusted sources.
A vulnerability exists in Microsoft Windows that could allow an attacker to gain control of your computer. This vulnerability occurs when Microsoft Windows processes malicious animated cursor files. An attacker could exploit this vulnerability by convincing you to visit a malicious web site or open a malicious email message.
US-CERT is tracking this issue as VU#191609.
- US-CERT Technical Cyber Security Alert TA07-089A - <http://www.us-cert.gov/cas/techalerts/TA07-089A.html>
- US-CERT Technical Cyber Security Alert TA07-093A - <http://www.us-cert.gov/cas/techalerts/TA07-093A.html>
- Vulnerability Note VU#191609 - <http://www.kb.cert.org/vuls/id/191609>
- Microsoft Security Bulletin MS07-017 - <http://www.microsoft.com/technet/security/Bulletin/ms07-017.mspx>
- Microsoft Security Advisory (935423) - <http://www.microsoft.com/technet/security/advisory/935423.mspx>
- Unpatched Drive-By Exploit Found On The Web - <http://www.avertlabs.com/research/blog/?p=230>
- TROJ_ANICHMOO.AX - Description and Solution - <http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FANICMOO%2EAX>
March 30, 2007: Initial release
April 3, 2007: Updated with release of MS07-017. Title changed, previous title was "Microsoft Windows ANI Vulnerability."