Linked by Thom Holwerda on Mon 2nd Apr 2007 21:05 UTC, submitted by Dale Smoker
Permalink for comment 226792





>> However this has to be, by far, the funniest
>> security threat I've heard to date!
Oh I don't know... the .jpg buffer overflow that affected EVERY operating system that used the reference code - meaning Linux, MacOS and Windows - was a bit funnier IMHO.
I suspect this is something similar, where a programmer got lazy and didn't bother with range checking. I'm often amazed at how often programmers will try to save a few clocks by not bothering with making sure memory accesses don't go out of the expected range, especially on image decoders.