Regarding Microsoft security advisory 935423:
Microsoft is investigating new public reports of targeted attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.
This security advisory was released today.
UPDATE: More on this from Secunia:
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message.
Successful exploitation allows execution of arbitrary code.
NOTE: The vulnerability is currently being actively exploited.
UPDATE 2: Here is more info from Symantec. Their customers are apparently covered for this exploit.
[tags]935423, Microsoft Advisory, Animated Cursor, ANI[/tags]
