Dell may have picked the perfect time to begin offering Linux-powered desktops. Why? Because, the next generation of Windows, Vista, has just sprung its first major security leak: the .ANI vulnerability.
"ANI" stands for Animated Cursor Image format. When any version of Windows from NT to Vista opens up a corrupt ANI file with USER32.DLL, the program that loads ANIs, youve just turned your computer over to the malwares author. You can be smacked by it by opening a Web page or HTML email message thats been loaded with an ANI attack.
How bad is it? According to Determina Security Research, the company that discovered it in back December of 2005, the .ANI vulnerability lets attacks run code remotely just as if they were the logged in user.
All this from a trivial toy of a program that makes your cursor do pretty things!