edit:

M$ = Microcrap

Vista sucks.

I love Steve Jobs

For those that missed it, exploit already exists in e-mail form. Just needs to be opened:
http://tinyurl.com/3clxwg

This can be fixed with either TweakNow Pro or the 9.0 version of XSetup Pro. The problem is in the boot comfiguration. I'm now using a cursor from Stardock Cursor Plus with no problems.

BWWWAAAAA!!!!!

Completely overblown. Read the comments on the post.

Yes, it's an issue that should be fixed. No, it doesn't crash the OS, but rather, the shell. Anyone can crash Explorer without malware.

Heck, I can simply load some commercial apps -- like McAfee's own bloated antivirus -- and crash Explorer.

It's also not clear if UAC was disabled, and if it was, how Explorer would behave with UAC enabled.

Lastly, if you run Explorer as a separate process -- which is not the default -- an Explorer crash will not destabilize the system.

From a rational comment on the blog:
>>>
While the core vulnerability exists in Vista, it is mitigated by several factors; IE7 Protected Mode (via the MIC model wherein IE7 runs with low integrity, and communicates with higher integrity components through a broker process, thus protecting the shell and other processes from this attack) and by UAC which, even if IE Protected Mode is disabled, will only allow the exploit the privileges of a standard user, making it far easier to recover from an attack.

Also, this video is not showing an OS crash-restart as is claimed but is showing a shell (explorer.exe) crash restart. Launch taskmanager from the winlogon desktop, starting a command prompt and delete the offending file from the profile desktop folder. If a trojan was installed, provided UAC is enabled, and this attack was instigated from a non-elevated process, the scope would be limited to user profile autostart entries in the registry and AV/anti-malware would easily mitigate (or one could easily manually remove the malware via autoruns or similar tool).

On XP this is a far more serious issue as those protection mechanisms don’t exist and the user is likely running with unrestricted admin privileges. In short, highlighting Vista may make for more dramatic coverage, but ultimately Vista’s default security settings and mechanisms work to mitigate this vulnerability exactly as advertised.

Vista SP1 should be out now and you know it. These are far from being the only problems with Vista. Another beta OS release from Microsoft.

Care to name a few major ones that require a SP, or are you just trolling?

More reasons for me to spend my $300 on a "SECURE" os. NOT.

Misleading and inappropriate title to this article. The title implies VISTA only. When they list that nearly all MS's OSs are affected.

* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 2
* Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 for Itanium-based Systems
* Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows Vista

What is very disturbing about this revelation, however, is that it can be triggered by nothing more than Microsoft's own operating system software and processes.

Every exploit known to man exploits a systems software or processes. That statement makes no sense. And it's not self-triggering, it still requires a 3rd party custom cursor.

I'm not saying that MS didn't royally screw the pooch on this, but trying to claim that it requires nothing but Microsoft's own software is a flat-out lie. It *requires* a 3rd party malformed animated cursor.

Their QA should have caught this, but let's get some perspective, folks. This isn't going to affect any but a few folks.

In terms of affect to the total number of users, this will have statistically no impact other than a couple of folks who dislike MS get to jump around like retards at the zoo(See below).

Well, I'm trying to swallow the phrase "flat out lie" as though you didn't really mean I was lying, or something that idiotic or outrageous, so I can reply to you in a more civil tone:

An .ANI file is a document. It's registered as such in the System Registry. Thus just like other documents that trigger software processes to do unwanted things like crash, this one does as well. Just because people other than Microsoft produce documents does not mean this is a third-party exploit, otherwise every Outlook exploit there ever was could be excused by Microsoft by saying, "Folks, we don't write e-mails."

-SF3

hehe...was all I could say. The story is amusing and not new, so I don't really understand why it's new. Maybe because it still "exists" in Vista?

All we have to do is avoid the software that messes around with the GUI? Hmm, not hard if we plan to use Vista and a new gui that is very appealing. :)

Strange thing though, how that configuration mentioned above is ALMOST like mine...or maybe it's just Synaptics is all over the place :D. I just use a different WXP gui alteration than the one mentioned...and suffer no crash because it is better coded.

You and I both know it doesn't work like that, or at least, I would hope you do.

It doesn't matter if it's an application, library, or document, contains it's own functionality, or relies solely on the functionality of the environment in which it is used.

Programs and operating systems are created to do something, with specific functionality in mind. They are not created to *not* do something the developer never intended, or even imagined. They can excuse it because it does what it was intended to do, display email, or, in this case, animated cursors.

I understand the .ANI file is not a program. I simply don't think that it makes any difference. This exploit, along with the vast majority of others out there, programs or not, require intended malice on the part of the creator of the malformed cursor.

Sure, it doesn't require a 3rd party application. But it does require something *other* than Microsoft's processes and software. Your claim may have only been directed at making the point that it had no processes of it's own, but that's not how it was written.

PC_Tool must be a hammer...because he hit the nail on the head.

I'm sorry, but this is not exactly true. There are two major classes of exploit: Programs that can attack the system, and Data that can attack a program.

It's almost impossible to protect against a malicious program. Viruses and Spyware run rampant, and if a user allows them to run it's difficult if not impossible to prevent them from harming the computer.

But it is relatively easy to prevent malicious data to attack the system. Malicious data should be preventable... programs should check the data before running it, should confirm that the input data is valid. Insecure programmers and permissive programming languages are what allow bad data to harm the system.

So the point is that a Microsoft system driver, a driver that is critical to the second-to-second operation of the computer, a system driver that needs to function even when everything else is crashing... is NOT checking its input data.

That is worse than having a third-party driver, written by some random mouse manufacturing company, being poorly written. This is a Microsoft driver, written by a company that should know what portions need to be most secure, screwing up and RE-INTRODUCING a bug they already fixed years before.

Inexcusable.

'm sorry, but this is not exactly true.

Not quite sure what you're referencing here, so I'll leave it be...

It's almost impossible to protect against a malicious program.

Don't download it, don't run it. Sounds easy enough to me. (/joke, I get your point about the difficulty of hardening an OS against malicious programs)

This is a Microsoft driver, written by a company that should know what portions need to be most secure, screwing up and RE-INTRODUCING a bug they already fixed years before.

While I'm *sure* their mouse drivers we're at the *top* of their list on security measures (/sarcasm), I never once claimed this wasn't a screw-up of massive proportions on their part.

I was pointing out the incorrectness of a statement made in the article, not debating whether or not Microsoft is at fault. I think it's pretty obvious they messed up to everyone here.

"... to jump around like retards at the zoo"

and thus any notion that "PC" stood for "politically correct" was dismissed. :D

Oh, hell...that went out the door eons ago.... :p

What? No-one here listens to the Dead Milkmen?

"Programs and operating systems are created to do something, with specific functionality in mind."

Wonderful concept.

Now if Windows could just focus on actually doing it, and if Linux could figure out what the concept of an "application" is.

:-P i do...

the obvious solution here is to take away peoples ability to add animated cursors, they annoy the hell out of every tech i know. they are cutesy crap and nothing critical....

Works for me.

Well he is right, of course. But if we dare blame the user for clicking the wrong thing...

...see the problem? We can joke about users needing to get a clue before using computers, but if we ever get down to it and act as if it were truley their fault and not microsofts--well, think of the 9th Circuit Court :)

It has to be microsofts problem because individuals can never be blamed for anything. Only groups or entities can, thereby destroying any and all need for personal responsability, accountability, and morality.

MS sucks!!!

(sorry... i scrolled down a bit, and didn't catch any ABM trolls, so i thought i would help ensure your statement)

I'd like to see BetaNews hire on people like yourself as an editor for their articles. While this article does explain how the restart loop works, it fails to explain how one would GET a cursor that causes this. The CursorXP reference is good, but still not very direct.

It's a boring day - I've got nothing to do
Except to get a load of retards and drive 'em to the zoo

Oh oh oh takin' retards to the zoo

Oh oh oh takin' retards to the zoo

'nuff said, heh

Try to keep up:
http://tinyurl.com/3clxwg

Exploits already wild, and are quickly spreading via e-mail.

You know what they say about statistics, PC Tool. :p

I'm shocked. Truely. ;)

Great. TinyURL. Sorry, not interested.

Takes a bit more than that to get me, and please tell me you're not hiding actual information behind that link.

You know no knowledgeable PC user would go there, right?

Yes, keep up, please do. As for statistics? as stated in another thread, there are 6.7 billion people in the world. According to cnet (http://news.com.com/A+bi...100-1003_3-5290988.html), there will be 1 Billion computer users by 2010 (meaning there are less now).

Unless it's affecting over 10,000 users, I really don't care.

not, heh

Emo...

I'm sure it's the car manufacturer's fault if the car crashes because the driver was driving irresponsibly...(/sarcasm)

This has been around since Windows 98?
Oh well..another day, another windows exploit.
This won't affect anything..When you buy a new
PC or laptop your OS has already been chosen
for you. Resistance is futile!

well if you dont use stupid malformed cursors like an idiot you also have nothing to worry about.

WOW!

Here is my question: who NEEDS custom animated cursors so badly that they find some seedy website and grab a KevinFederline.ani? This problem only affects the Grandmas, Trekkies and kitten-lovers of the world.

Seriously, does anyone here download .ANI's from anonymous Star Trek Cursor Web-holes?

Haha.... good one :)

That might make sense, maximum, except that in the video you might have seen, the document that triggered the crash loop doesn't appear on the desktop to be an .ANI file. It looks like something that anyone could name, "Click here for more pictures of Britney Spears' underpants." So it doesn't have to pass itself off as a cursor file in order to be malicious.

And you better watch out what you say about us Trekkies and kitten-lovers.

-SF "Live Long and Meow" 3

LOL

I dig Star Trek. I have no remorse for kittens or grandmothers, however.

Now that you mention Star Trek. Microsoft kind of reminds me of the Borg Collective.

Let's put things in perspective. The damage caused by this bug would be more of a PR disaster than a technical one.

Nevertheless, it is sign of a flawed QA process.

Highly paid, imported programmers - top talent - and this is what you get?

I understand that programming an OS is tough, but how does something like this slip by?

It's been identified as an issue in the past, but they don't fix it? What, don't they know what a CHECK LIST is?

All these years they have been programming this code. Is this the BEST that Microsoft can offer its customers? $399 for the Ultimate Edition and stupid bugs like this still sit right there in the code.

How do some of these people keep their jobs? Honestly?

It seems like they did fix it. But someone must have screwed up by re-checking in old source code into their repository.

you ever try writing an os and checking every possible line of code for a as of yet unthought of exploit?

How do some of these people keep their jobs? Honestly?

Illegally. Remember that MS was found guilty of violating numerous antitrust laws.

It just so happens that the administration changed and the new justice department decided that allowing MS to put windows in all schools for free would be sufficient punishment. That would teach them about competitive innovation.

In the end that didn't happen either. so far as I can tell. there was no corrective action for a company that remains guilty on all counts.

Maybe that is the new us gov't model. No longer a republic, but an auction block.

Different day, same old song and dance.

ROFLCOPTER @ the comment war going on in here :D

The animated cursors from Stardock do not cause Vista Ultimate to crash, but they do cause a warning message on shutdown and startup. They do the same for desktop themes from Stardock. The themes do appear on the desktop, but are not functional and must be unloaded. There are too many other problems to list.

David and Goliath springs to mind!

lol @ MS

One question....nothing to do with the report. I'm just wondering what is up with all the comments at the bottom? It's rather funny.

I think they are playing "I can pee farther than you can"

And this one is different how?

Do not start with me. I am not going to get into one of your childish arguments.

I know...it is isn't it? I'm laughing so hard I'm in tears...and it isn't really even *that* funny.

It's kinda sad when a program as simple as an animated pointer can cause an OS to go into a crash-restart loop. The fact that it's been a problem since Windows 98 is even worse. It's been 9 years and microsoft still hasn't fixed it? Mind you it is a small exploit, but it's a bug nonetheless and deserves to be look into considering how long it's been plaguing the Windows OS. One would just assume that Microsoft would just stamp out the problem just to say they did it. I guess I expect too much from the company.

One question: who uses animated cursors anymore? Anyone want to admit it? As much as I carped on and on about Vista's EULA, I like the stability of the OS, even over XP. Beware, however, Vista doesn't seem so great on old hardware.

I do. It's the basic green once that cam with Win95. What's the big f'ing deal about animated cursors?

Vista's Aero Basic and Aero Glass interfaces use animated mouse cursors by default.

It is awesome how M$ fans find the way to bias any article that touch god M$.
Micro$oft not only release flawed software but they recycle bugs, that is at least, impressive. It is not the first time they do something like this, how lame!
Microsoft cannot mantain Windows code anymore: Open source is the future.
Microsoft, you started to fade, just turn back or die, slowly.

So a new exploit comes out and you're thinking that Microsoft is fading away? I don't believe it's just that simple.

Microsoft will probably fix the problem and most users will still use it.

Same old story. Nothing new to see here folks.

Lol...Last time I checked Windows is still on the vast majority of computers...Anyway who cares about some stupid animated cursor bug. I mean who downloads cursors? Seriously?

"I mean who downloads cursors?"

From some of the remarks I've read Bill and Steve make over the past year I was under the impression that you Windows users downloaded anything that is put in front of you.

The truth is that there's just 100 million times more things for windows users to download than the other OS's (and MANY more casual users). That's part of the fun of using windows. It's the busy, fun, but more dangerous side of town. You Apple and Linux types in your caves are at least good for a chuckle. Keep at it.

And most users will never realize there was an issue in the first place.

I'm sure some of your favorite software has perpetual bugs that are never fixed. Only the ignorant believe this is unique to MS.

why aren't programmers trying this hard to find exploits in Mac OSX, i'm sure you can find millions ... especially since its based off unix.

Of course since NO ONE buys apple, its a waste of time to find exploits or create them. =\

So the increase in apple laptops being sold means that aliens are buying them?

And yes people spend a large amount of time trying to exploit Linux. What do you think most of the internet servers are run on? LAMP servers. Script-kiddies and exploiters have spent years exploiting LAMP servers, just to deface or break into websites. This has strengthened the core of Linux and their web servers far more then Windows could ever hope for.

The difference here is between what can you do with that exploit. Exploit Linux and you might be able to delete or screw with the user that is logged in. (rarely can you gain escalated privileges to root). Exploit Windows and you are 99% on target to have that user with administrator privileges.

Worst Case Scenario with the majority of exploits out right now:

Exploit with Admin rights on Windows = Dead or Bot-Farm computer

Exploit on Linux = Delete User Account and create new one

Yes, it's true. All these exploits never go hot within a day like they do in windows. I mean, why bother? There actually have been more exploits found in Apple in the last 6 months than in Windows. It's just that no-one bothers to put them into play.

Here we go again...

If OSX is So insignificant, why are you trying to justify MS's mess by commenting on OSX?

Same old rant.

How about dealing with the MS mess. You know, the OS that is so secure they need no anti-virus protection (per MS)! Maybe not, as there are so many internal holes that the main threat is not from 3rd party software!

You definitely have enough to keep you busy!

please cite your source if you didn't make it up. please laso cite a real source and not one that you made up in another comment stream.

I couldn't care less for this "exploit"...

Nevermind everyone.

Its just been announced that this issue doesn't bear notice.

I'm soooo relieved!

That's right everyone, it's not an exploit....it's a feature.

"What is very disturbing about this revelation, however, is that it can be triggered by nothing more than Microsoft's own operating system software and processes."

That is very disturbing actually.

Have tried this several time on differnt Vista machines, all of which do not work. XP does appear to crash

BAHAHA!

Oh man!

At least XP still works. :)

Read more and see it doesn't.

it can be fixed rather easily. enter safe mode, remove the offending file, reboot and voila.

True, but I dont think your casual computer user is going to do that or even know how to do it. Its just disappointing to see the same exploits occur over and over again. Its like MS is not paying close enough attention. Sad state of affairs.

Hey, why can't I get my cass out of the bank? Why is my phone line down? What happened to that life support machine?

Oh, sorry. We had to reboot every server and workstation to "safe mode" (read doesn't do anything) to remove a corrupt icon file.

inexcusable.

BWAHAHAHAHAH
Same old s*** again and again.
Where are the Vista fanboys touting its superiority?
Dont make me laugh. Its the same old sad story. Vista is not a new OS, its just XP SP3 with the same windows exploits.
What a joke.

Why do you not respond to the other comments you make where everyone proves you wrong time and time again?

You are a troll. You read the titles and no further and spout your ignorant comments again and again.

Calling others a fanboy as an insult, and all the while being one yourself is really brilliant.

Thanks for the laugh. Thats a good one...
A Troll calling me a troll???, hahahah

That comment hit a little to close to home?

awwww poor baby, cry some more.

Just ignore "THZGryphontool" , he's a known MS troll. Go bother someone else with your ignorant nonsense.

Wow, intelligent reply. Like GCoder, you took the easy way out again I see with anonymous insults and with no defense for yourself.

And your right back at it jumping through troll hoops again. You cant even comment on the content of the article. LOL

You are the definition of a troll. Dance troll dance for me again by replying with another one of your useless ignorant comments.

(editing your comments so you dont look like a complete ass? dont have the balls to let others read your trolling? Bwahaha

Good job recycling my words, it will definitely make you sound more intelligent.

Interesting you are defining yourself with each reply as well.

Jump.

*edited like each of the trolls.

haha, your still at it? You just made my day by being my little monkey for today. Get off my dik already...hahahahahaha

I know that I made your day.

Jump.

And he needs to defend himself why? At least he commented on the article and wasnt just trolling and insulting others.

It looks like you need defending, and your losing...BAD.

hahahah, nice! Glad to see you know what5 you are! LOL

It is called a reply, that is what you do to comment about a previous comment. If I had a comment on the article I would have posted new comment.

I do not see the relevance about the article in your comments...ah...but that is why you hit reply right?

That was a good one. Like you, my nephew plays the 'I know you are but what am I' game too, he will grow out of it.

Nice try to twist my comments but only you could be that oblivious... That was really lame man, did you think of that all by yourself?

He plays the 'did you think of that all by yourself' game too.

woa, did you get ALL of your personality and your insults from your 12yr old nephew??? ROTFLMAO

It explains alot.

Yes, and I see you got his grammar and spelling.

ok professor troll, at least you admit you have the personality of a 12yr old. I bet you have lots of friends, LOL

Program86 just leave him to his frustrations... he obveouysly has a lot of them. Plus he cant mature when he spends 480hrs on StarWars Galaxies, and 270 on WOW... its a shame, oh well

Great job using a search engine, there is plenty more info about me available.

a billion hours playing PC games, thats all anyone needs to know.

While your math is a bit off, I'm not sure what that lets them know.

What does it mean for you and your Xbox?

ur a f**

suck 86's c0ck

"my math is a bit off"

You didn't just say that did you? OMG you are a tool.

I can only assume you are talking about consulting for Xbox Developement... yeah, I earn plenty of money consulting for all kinds of electronic firms.

And you earn big money by playing Star Wars? You are a joke.

Wow, using a second name to be even more of a troll, nice to see you are hard at work being a perpetual loser. HAHAHAH

(next time hide your IP address so its not so obvious. LOL)

Well, it is plenty easy for you to say you do.

I earn my play time with real estate development, that's not just an anonymous post.

Real estate development and you run a kiddie web design site. Keep the jokes coming. You are a trip.

I don't see an IP in iced's comment. It is not me, I have nothing to hide, I am always available in person or in text.

LOL, nice try, keep em commin... (and the IP address isn't available on the front page noob)

Yup, investigate further you will find it true, I can afford to do both.

LOL, keep the jokes commin... You are the best form of delusional entertainment.

Well you said it was obvious, I was curious as to what made you think it was me.

Well the least you could do was to mask your IP so it doesnt show you logged in twice under your two names. LOL

See THZtroll ... troll THZ troll.

I use Vista Business edition. My system has been affected the bug for about 3 days now. I did not know what it was until I read this report. I am just hoping that MS will post a patch very soon. When I read the article, I started comprehensive scan with Norton 360 but the problem stopped the scan midway.

Obi

That's rich coming from you D3v3lop...oh sorry...Program86.

Do tell, post my IP captain 1337 hax0r, I'm not even hiding behind a proxy. Show us all how cool you are. Come on little boy, throw down.

At least XP is so much better than Vista!
No problems for XP!
It is so not worth to upgrade!

...I'm late.

1. I haven't used animated cursors since Windows 3.1--anyone with half a brain knows they suck twice as many resources as anyone could possibly imagine, due to the fact that the mouse position and such is so important a priority in windows.

2. How many Windows networks use animated cursors (feel free to reply if you've seen one)? How many SERVERS use animated cursors?

3. Still can't execute code on your system using the buffer overflow, so no trojan/worm threat from this. It's just a malformed .ani file, not a virus--no matter what the folks at symantec call it.

Now, again we see the Microsoft dillema, and my prediction was correct from almost 9 months ago: The first "popular" exploit for Windows Vista does not involve some new exploit from the vista code, but rather involves a vulnerability from old Windows 9x code.

So--why must Microsoft make Vista "break" all of your Windows XP programs? Cause there'd be plenty more of these problems by now if they didn't. In fact, I wish they'd have broken all Windows XP programs so we couldn't carry over any exploits from their legacy code--this will happen forever until all traces of windows 9x, windows NT, and windows 2000/xp are swept away.

Unfortunately, Vista still has minute traces of code remaining since Windows 3.1 in it, so the compatability complainers win against the security complainers once again.

http://secunia.com/product/16/?task=statistics

http://secunia.com/product/16/?task=statistics

Vista sucks.

I love Steve Jobs