Home / Technology / Windows Zero-Day Security Hole Does Damage

Windows Zero-Day Security Hole Does Damage

April 01, 2007 by
TheCaptain  
TheCaptain
TheCaptain
  • Published Content: 136
  • Total Views: 75,683
  • Favorited By: 1 CPs
Full Profile | Subscribe | Add to Favorites
Single page
Font Size
Post a comment

Window's Worst Security Failing Since 2005

A dangerous security hole has been found in both old and new versions of Windows, which has caused a great deal of grief over the past few weeks. The hole, known as the zero-day bug, takes advantage of Microsoft's animated cursor, and enables websites and email messages to install malicious softwar
Windows Zero-Day Security Hole Does Damage
e on your computer. It is the worst problem of its kind since the Windows Metafile incident two years ago.

The animated cursor is a basic function that allows simple animations to be shown in the position of the cursor. It goes back a long way, and has never proved to be much of a problem, but a recent discovery enabled it to become a portal for malware to use to enter the computer. What makes the problem so scary is the fact that the damage can be done instantly, after merely accessing a web page.

Typically, infections enter the computer after the user has gone to a bad website or opened a malicious email. The hole then lets boatloads of spyware, viruses, and Trojan Horses onto the computer, quickly reducing it to a mess. Unlike traditional viruses, one does not have to actually open a file, but can get it merely by opening an email.

Currently, the hole is primarily being exploited through Microsoft's Internet Explorer, versions 6 and 7. Mozilla Firefix users are immune. Similarly, Microsoft's Outlook Express and Windows Mail (Vista) are immune to damage, since they preview messages, rather than opening them. This is an interesting reversal, since ordinarily Outlook is most vulnerable to viruses, being one of the most widely used email clients.

Microsoft has not yet released a patch for the bug. According to its normal release schedule, it would release a patch on April 10, but due to the gravity of the situation, it might act sooner than that. Already, EEye, a digital security company, has offered a patch as a stopgap measure. Their patch works by preventing any animated cursors from being installed on the system, and is designed to uninstall itself when the real Microsoft patch comes along.

Page: 1 2 Next »
 Print   Save   Next Technology piece
RelatedRecommendedFeaturedMore By This Content Producer
Make a Pane Glass Window Table
If you have an old pane glass window and you don't know what to do with it, don't throw it away. You can turn an old pane glass window into a beautiful end table or coffee table.
By Crystal Ray  |  Published 8/18/2006  |  Read more »
Vintage Window Wall Sconce Craft Project
This vintage window wall sconce is a simple and easy craft project that you can use to decorate your home with. The materials for this vintage window wall sconce can be bought at your local home improvement store, and flea market.
By RS  |  Published 10/28/2006  |  Read more »
Top Rated Window Air Conditioners
Today's window air conditioning units are quieter and more efficient than previous models. There are several ways that you can tell you are getting the best value for the money.
By Walt Crocker  |  Published 8/10/2006  |  Read more »
Decorate the Window in Your Kid's Room With a Rainbow
Create a rainbow window picture to glow in the sun as it shine through your window.
By Kidsemag.com  |  Published 1/24/2006  |  Read more »
How to Make a Fake Window for Your Home
Rooms without a window look dreary but you can add a touch of brightness with a fake window that's easy to create.
By Emma S.  |  Published 12/30/2005  |  Read more »
You may also like...
Takeaways
  • Currently, the hole is primarily being exploited through Microsoft's Internet Explorer, versions 6 a
  • Mozilla Firefox and Outlook are immune.
 
 
Comments
Type in Your Comments Below

Have more to say?
Become a Content Producer on AC