0-Day vuln Exploit in the wild - Animated Cursor
FYI...
> http://www.websense.com/securitylabs...hp?AlertID=762
March 29, 2007 ~ "WebsenseŽ Security Labs™ is currently monitoring an unpatched (0-day) vulnerability in Microsoft Windows. No user interaction is necessary for the exploit to be successful. A computer may become infected by simply visiting a malicious website. This vulnerability exists in the way animated cursors are processed, and is very similar to MS05-002 ( http://www.microsoft.com/technet/sec.../MS05-002.mspx ) which was patched by Microsoft in early 2005. At this time, we are aware of 9 different sites hosting the new exploit. We will continue to monitor for any additional sites, as we expect the exploit's usage to increase. One of the sites involved is the same one which targeted Dolphin Stadium during the Super Bowl. It is likely that the same group is behind the current attack. Additional details on the vulnerability are available from Microsoft Security Advisory #935423: http://www.microsoft.com/technet/sec...ry/935423.mspx ."
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1765
