[LINK] Animated cursor flaw in All Windows

[Rick Welykochy]

In spite of all the chest pounding, flag waving and motherhood-and-
apple-pie assurances that the combination of Windows Vista and IE 7.0
are a sure winner to provide Windows customers with a "secure online
experience" (an oxymoron, that one), a new flaw has been discovered.

This time, your Winders box can be owned by simply visiting an
attacking web site.


http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx

    An attacker who successfully exploited the most severe of these
    vulnerabilities could take complete control of an affected system.
    An attacker could then install programs; view, change, or delete
    data; or create new accounts with full user rights.


http://reviews.cnet.com/4520-6600_7-6722377-1.html

    Users need not do anything but visit a compromised site to
    become infected. Antivirus vendor F-Secure reports there's
    also a worm associated with this vulnerability.


Consider the possibility of millions of owned machines in the next
few months (not to mentioned years). Key-loggers, spam, zombies, the
whole lot, presented on a platter to the criminal underground in
Eastern Europe, ready to pick their way through the online riches of
the West. All courtesy of one operating system!

By Mickeysoft's own admission, this exploit is CRITICAL. Their own
liability hovers at around zero. Simply astounding, isn't it?

Start the class action now, before it is too late.

cheers
rickw



-- 
_________________________________
Rick Welykochy || Praxis Services


Ease of use over security loses every time.
      -- rick welykochy