From: Ritchey, Gail (COT)
Sent: Thursday, April 05, 2007 10:44 AM
To: COT Constitutional CIO Security Contacts; COT Cabinet CIO Security Contacts; COT Commonwealth Technology Council
Cc: COT Exchange Administrators; COT Security Alert Contacts; COT Security Contact COT-Support; COT Security Contact Pass; COT Security Contact Self-Support; COT Technical Contacts; SecurityContacts Group
Subject: COT Alert: Windows Animated Cursor Exploit
COT Security Alert
US-CERT, (United States Computer Emergency Readiness Team), has issued an alert for an exploit which has affected several machines within state government. The alert addresses the ANI Animated Cursor Handling exploit which attacks a weakness in Windows integrated cursor functionality. Attackers have constructed malicious cursor or icon files that are activated when a user visits a malicious web site or views a specially crafted e-mail message.
Microsoft has released updates to address these and other vulnerabilities in Windows as part of Microsoft Security Bulletin MS07-017 released Tuesday, April 3rd, 2007. McAfee has also provided protection for this vulnerability since last week. More information can be found in the Microsoft Security Bulletin, located at http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx . NOTICE: COT is providing this information so that you are aware of the latest security threats, vulnerabilities, software patches, etc. You should consult with your network administrator or other technical resources to ensure that the appropriate actions for these alerts are followed. If you are a network administrator and need additional information, please call the Help Desk at 502.564.7576.
Security Administration Branch
Division of Technical Services
Commonwealth Office of Technology
1266 Louisville Rd., Perimeter Park
Frankfort, KY 40601
Commonwealth Service Desk Phone: 502.564.7576
CommonwealthServiceDesk@ky.gov
COTSecurityServicesISS@ky.gov