Windows ANI Workaround Updated as Exploit Mutates
eEye has updated its workaround for the Windows animated cursor flawa flaw that some are claiming is responsible for the first real remote code execution exploit on Vista.
The updated eEye patch is available here.
eEye's workaround is temporary, meant to tide users over until Microsoft comes out with its official patch. Microsoft has jumped its regular patch schedule to release its fix for the ANI flaw and will deliver that patch on Tuesday, April 3.
Microsoft managed to rush the patch out only after McAfee made it public last week. Microsoft has made it clear that it has known about the flaw since December. The company over the weekend posted a list of answers to frequent ANI-related questions it has been receiving, one of which said that the company was first alerted to the Windows animated cursor vulnerability on Dec. 20 by a security researcher at Determina.
In Microsoft's statements regarding the ANI attack, the company has grumbled about irresponsible disclosure: a not-too-well-hidden rebuke to McAfee.