Why I Hate Microsoft, Reason 521,047
Heads up, Windows users. There is a new - critical - security update that you must install as soon as possible. Update KB925902 addresses a major security flaw in Windows (that is what it is for Windows XP, I have no idea whether it is the same for Vista. BOTH operating systems are vulnerable.). Believe it or not, hackers can gain control of your computer through the cursor, of all things.
Microsoft was so worried about the hole — which allowed hackers to break into personal computers and install malicious software — that it pushed out the critical security fix a week ahead of a regularly scheduled update.
The Redmond-based software company told customers last Thursday about a vulnerability in ".ani" files, which are used to change the cursor into an hourglass while a program works, or into a dancing animal or other animation on specially designed Web sites. Security experts said the hole was actively being exploited by hackers to install keystroke-logging programs.
Ken Dunham, director of the rapid response team at iDefense, the research division of VeriSign Inc., said a group of Chinese hackers was using the security hole to steal and sell log-ins to the popular "World of Warcraft" multiplayer computer game.
Microsoft said it has known about the vulnerability since December.
Get ye to the Windows update site and get the patch. This appears to already be a fairly large - and rapidly growing - problem. And I now have to rebott the system, the patch has been downloaded and installed on this computer.
Geek Stuff | Gaius Wednesday, 4 April , 2007
By Quilly Mammoth, Wednesday, 4 April , 2007 @ 9:19 am
Firefox.
By Sylvia, Thursday, 5 April , 2007 @ 8:04 am
It’s nice they finally decided to issue a patch — my DH remembers a conversation a few years ago about the .ani vulnerability…
Got the whole family laughing this morning about that squirrel photo. We really enjoy your particular mix of posts.
By Gaius, Thursday, 5 April , 2007 @ 8:18 am
Thanks for the kind words.