Patch for ANI Cursor Vulnerability
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.
|
0.00 
Freeware
0K
Windows XP/Vista 
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.
This vulnerability requires user interaction by viewing a malicious Windows animated cursor (.ANI) file. .ANI files are commonly used by web developers to display custom cursor animations to enhance web-site experiences.
The most potent attack method is by embedding a malicious .ANI file within an HTML web page. Doing so allows the vulnerability to be exploited with minimal user interaction by simply coaxing a user to follow a hyperlink and visit a malicious web site. Other exploit vectors exist including Microsoft Office applications since they also rely on the same .ANI processing code, making e-mail delivery also a potent threat by using Microsoft Office attachments.
Since .ANI processing is performed by USER32.dll and not the attack vector application itself, all attack vectors have the potential to use a similar exploit with similar address offsets targeted at Windows directly, allowing for a very reliable exploit.
Users who install this patch should note:
• This patch is a temporary fix and should be removed before the official Microsoft patch is installed.
• It is recommended that users test this patch thoroughly before installing.
• This patch only supports Windows 2, Windows XP, Windows Server 2003, and Windows Vista.
• This patch will not work on x64 or Itanium architectures.
• To install silently run this command:
WindowsAnimationPatchSetup.exe /qn
• To uninstall silently run this command:
msiexec /qn /x {DFEF2523-72D0-483F-A1C2-FC29B71B166A}
• This patch includes a checker that will uninstall itself when it detects a Microsoft patch has been installed. To disable the checker, run the installation with this command line (command is case-sensitive): WindowsAnimationPatchSetup.exe NOCHECKER=1
tags
this patch this command silently run run this microsoft patch windowsanimationpatchsetup exe user interaction web site microsoft office ani processing ani file
Download Patch for ANI Cursor Vulnerability
Download Patch for ANI Cursor Vulnerability
Authors software
SecureIIS Personal Edition 2.0.4
eEye Digital Security
SecureIIS™ Web Server Protection - Personal Edition provides unmatched firewall, intrusion and application protection to guard your Microsoft web servers against worms, buffer overflows, hybrid attacks and other types of known and unknown threats.
eEye’s Temporary Workaround 1.0
eEye Digital Security
eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer.
Patch for ANI Cursor Vulnerability
eEye Digital Security
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.
Similar software
Patch for ANI Cursor Vulnerability
eEye Digital Security
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user.
JPEGScan 1.01
DiamondCS
On September 14 2004, Nick DeBaggis discovered a buffer overrun vulnerability in gdiplus.
Microsoft WMF Security Patch
Microsoft Corporation
A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it.
eEye’s Temporary Workaround 1.0
eEye Digital Security
eEye Digital Security is advising customers to the existence of exploit code that targets a critical security vulnerability in Microsoft Internet Explorer.
Execute This! 1.3.0
Cyntrigal
Execute This is a lightweight remote execution tool.
VNC Flaw Test 2.0
IntelliNavigator Inc
VNC Flaw Test - Test your VNC installations for vulnerability
It was almost over a month ago that we discovered a major vulnerability in VNC 4.
Remote Desktop Manager 2019.1
Devolutions inc.
Remote Desktop Manager is a small program used to manage all your remote connection.
W32.Welchia.Worm Removal Tool 1.06
Symantec
W32.
Microsoft Remote Desktop Connection 1.0.3
Microsoft Corp.
Remote Desktop in Windows XP Professional provides remote access to the desktop of your computer running Windows XP Professional, from a computer at another location.
SecureCentral ScanFi Free Edition 4.1
AdventNet Inc.
ScanFi is a web-based vulnerability assessment scanner for detecting and assessing network vulnerabilities across heterogeneous networks.
Other software in this category
Folder Size Shell Extension 3.2
Space Dolphin
Folder Size Shell Extension is a handy shell extension that adds a new tab to the Properties dialog that displays a folder`s or drive`s size.
MouseCam 1.0
CamTech
MouseCam is a free little tool that zooms everything your cursor is over up to 20 times its normal size.
Microsoft Windows XP Plus! Service Pack 1
Microsoft Corp.
Microsoft has released an update for its addon utility: Microsoft Plus! designed for the Windows XP operating system.
ServiceManager 1.00
L5 Software Group, LLC
ServiceManager is an application designed to allow System Administrators, Developers and Power Users an easy means to view, modify or remove services and their information.
Command Finder 1.0
UCG Media
UCG Command Finder was created as a compliment for the Universal Command Guide to make it even easier, when you need a command, to find it.
RSS