Well, the posting is up. Time to evaluate and patch. Enjoy.
From Microsoft:
This update resolves several newly discovered, publicly disclosed and privately reported vulnerabilities as well as additional issues discovered through internal investigations. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin.
An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Note The Windows Animated Cursor Remote Code Execution Vulnerability – CVE-2007-0038 is currently being exploited and was previously discussed by Microsoft Security Advisory 935423.
[tags]MS01-017, GDI, ANI, [/tags]
