Patch for ANI Cursor Vulnerability

Patch for ANI Cursor Vulnerability Screenshot An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.

Developer:   eEye Digital Security
      software by eEye Digital Security →
Price:  0.00
License:   Freeware
File size:   0K
Language:   
OS:   Windows XP/Vista (?)
Rating:   0 /5 (0 votes)

An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.

This vulnerability requires user interaction by viewing a malicious Windows animated cursor (.ANI) file. .ANI files are commonly used by web developers to display custom cursor animations to enhance web-site experiences.

The most potent attack method is by embedding a malicious .ANI file within an HTML web page. Doing so allows the vulnerability to be exploited with minimal user interaction by simply coaxing a user to follow a hyperlink and visit a malicious web site. Other exploit vectors exist including Microsoft Office applications since they also rely on the same .ANI processing code, making e-mail delivery also a potent threat by using Microsoft Office attachments.

Since .ANI processing is performed by USER32.dll and not the attack vector application itself, all attack vectors have the potential to use a similar exploit with similar address offsets targeted at Windows directly, allowing for a very reliable exploit.

Users who install this patch should note:
• This patch is a temporary fix and should be removed before the official Microsoft patch is installed.
• It is recommended that users test this patch thoroughly before installing.
• This patch only supports Windows 2, Windows XP, Windows Server 2003, and Windows Vista.
• This patch will not work on x64 or Itanium architectures.
• To install silently run this command:
WindowsAnimationPatchSetup.exe /qn
• To uninstall silently run this command:
msiexec /qn /x {DFEF2523-72D0-483F-A1C2-FC29B71B166A}
• This patch includes a checker that will uninstall itself when it detects a Microsoft patch has been installed. To disable the checker, run the installation with this command line (command is case-sensitive): WindowsAnimationPatchSetup.exe NOCHECKER=1

tags this patch  this command  silently run  run this  microsoft patch  windowsanimationpatchsetup exe  user interaction  web site  microsoft office  ani processing  ani file  

Patch for ANI Cursor Vulnerability screenshot


Download Patch for ANI Cursor Vulnerability

 Download Patch for ANI Cursor Vulnerability


Authors software

SecureIIS Personal Edition 2.0.4 SecureIIS Personal Edition 2.0.4
eEye Digital Security

SecureIIS™ Web Server Protection - Personal Edition provides unmatched firewall, intrusion and application protection to guard your Microsoft web servers against worms, buffer overflows, hybrid attacks and other types of known and unknown threats.

eEye’s Temporary Workaround 1.0 eEye’s Temporary Workaround 1.0
eEye Digital Security

eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer.

Patch for ANI Cursor Vulnerability Patch for ANI Cursor Vulnerability
eEye Digital Security

An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.

Similar software

Patch for ANI Cursor Vulnerability Patch for ANI Cursor Vulnerability
eEye Digital Security

An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.

eEye’s Temporary Workaround 1.0 eEye’s Temporary Workaround 1.0
eEye Digital Security

eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer.

Determina Fix for CVE-2006-1359 1.0 Determina Fix for CVE-2006-1359 1.0
Determina

Based on the same technology used in the VPS LiveShield product, Determina has engineered a standalone fix that provides free and immediate protection to users worldwide that need to protect systems from related attacks until such time as Microsoft issues its own patch.

DCOMbobulator 2.01 DCOMbobulator 2.01
GRC

What is DCOM? Windows employs a component-based system to help programmers manage Windows' complexity.

PATCHifier 1.0 PATCHifier 1.0
TEFASOFT

PATCHifier is a very customizable patch organizer/installer for the Windows platform.

Universal Msn Polygamy 1.0 Universal Msn Polygamy 1.0
VulturZ Inc.

This Patch allows you to run multiple Msn's at 1 time.

WinRAR 3.40 GUI Patch 1.0 WinRAR 3.40 GUI Patch 1.0
Neowin

Made by Neowin's own SentientPC, the WinRAR GUI Patch provides users of WinRAR 3.

Warez Acceleration Patch 5.0.8 Warez Acceleration Patch 5.0.8
Download Boosters

Warez P2P Acceleration Patch is a useful add-on for Warez P2P Client.

Vista Visual Styles Pack 6.0 Vista Visual Styles Pack 6.0
Mr. Windows X

Change your old Windows XP theme to look like Vista using MSStyles! Plus you don't need to download any software to do it either (so your computer won't get messed up!).

DC++ Acceleration Patch 5.9.0 DC++ Acceleration Patch 5.9.0
DOWNLOAD BOOSTERS

DC++ Acceleration Patch is an exceptional download-acceleration application that will help you by boosting DC++ downloads spectacularly.

Other software in this category

Folder Size Shell Extension 3.2 Folder Size Shell Extension 3.2
Space Dolphin

Folder Size Shell Extension is a handy shell extension that adds a new tab to the Properties dialog that displays a folder`s or drive`s size.

MouseCam 1.0 MouseCam 1.0
CamTech

MouseCam is a free little tool that zooms everything your cursor is over up to 20 times its normal size.

Microsoft Windows XP Plus! Service Pack 1 Microsoft Windows XP Plus! Service Pack 1
Microsoft Corp.

Microsoft has released an update for its addon utility: Microsoft Plus! designed for the Windows XP operating system.

ServiceManager 1.00 ServiceManager 1.00
L5 Software Group, LLC

ServiceManager is an application designed to allow System Administrators, Developers and Power Users an easy means to view, modify or remove services and their information.

Command Finder 1.0 Command Finder 1.0
UCG Media

UCG Command Finder was created as a compliment for the Universal Command Guide to make it even easier, when you need a command, to find it.