Print this article  |  E-mail this article  |  Comment on this article

Vista Can Be Taken Down by an Animated Cursor

By Scott M. Fulton, III, BetaNews

March 29, 2007, 5:16 PM

In what could be the most embarrassing exploit to impact Windows Vista since its commercial launch in January, security engineers at McAfee's Avert Labs confirmed today - and posted the video to prove - that the operating system can be caused to enter an interminable crash-restart-crash loop, by means of a buffer overflow triggered by nothing more than a malformed animated cursor file.

It isn't even a new exploit, as researchers with eEye discovered in January 2005. At that time, Microsoft acknowledged it affected versions of the operating system from the first edition of Windows 98 through to early releases of Windows XP, though it stated at the time XP SP1 was unaffected.

But apparently after researching field reports of limited attacks, Avert Labs discovered an apparently similar exploit using .ANI files impacts XP SP2 and Vista, as well as Windows 2000 SP4 and versions of Windows Server 2003 from the initial release through to SP1. Avert Labs stated XP SP1 and versions since were unaffected, though Microsoft warned the exploit does affect XP SP2.

If both firms' accounts are correct, Microsoft may have fixed the problem with XP SP1 in 2005, and inadvertently un-fixed it sometime afterward.

Avert Labs' video of the incident, posted to YouTube, shows a Vista system wherein the test file apparently trying to load the custom animated cursor. When the operating system detects a crash, it first tries to save vital data prior to a restart sequence - one of Vista's newer features. It then informs the user that Windows Explorer has crashed.

But in trying to restart Explorer, the restarting crashes itself, sending Vista into a tailspin from which the only escape appears to be the off button.

The mouse input routines in Windows are designed with the intention of being relatively failsafe. That's why when the system appears to hang, you can often still move your mouse pointer. As I've personally witnessed on many occasions with Windows XP, it's possible for a smaller OEM's mouse driver - often an unsigned one - to trigger a similar tailspin loop that crashes Windows Explorer repeatedly. In Windows, a lot depends on the mouse pointer's very existence.

So if a customization feature can impact the mouse pointer's ability to function, the integrity of the entire system can be jeopardized. With my own systems, drivers and services that are unfriendly to one another - such as Stardock's CursorXP animation program trying to co-exist with a Synaptics Pointing Device driver on a notebook with ATI Mobility Radeon 9600 graphics - can trigger an Explorer tailspin.

What I'm calling the "tailspin" is nothing new. What is very disturbing about this revelation, however, is that it can be triggered by nothing more than Microsoft's own operating system software and processes.

McAfee reports this exploit is being utilized in the wild, and Microsoft today issued its boilerplate language warning users not to open e-mail attachments they don't recognize.

Add a Comment (126 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By schizoduckie

edited Mar 29, 2007 - 7:34 PM

Does this mean you could also make Windows crash when you use a malformed cursor by loading up a custom URL for it using some CSS ?

Score: 0

By vrosa

edited Apr 5, 2007 - 12:13 AM

edit:

Score: 0

By vrosa

edited Apr 4, 2007 - 2:18 PM

M$ = Microcrap

Score: 0

By justme123

posted Apr 4, 2007 - 9:28 AM

Vista sucks.

I love Steve Jobs

Score: 0

By Tenoq

posted Apr 2, 2007 - 2:24 AM

For those that missed it, exploit already exists in e-mail form. Just needs to be opened:
http://tinyurl.com/3clxwg

Score: 0

By robmanic44

posted Mar 31, 2007 - 1:26 PM

This can be fixed with either TweakNow Pro or the 9.0 version of XSetup Pro. The problem is in the boot comfiguration. I'm now using a cursor from Stardock Cursor Plus with no problems.

Score: 0

By RBLevin

edited Mar 30, 2007 - 8:25 PM

BWWWAAAAA!!!!!

Completely overblown. Read the comments on the post.

Yes, it's an issue that should be fixed. No, it doesn't crash the OS, but rather, the shell. Anyone can crash Explorer without malware.

Heck, I can simply load some commercial apps -- like McAfee's own bloated antivirus -- and crash Explorer.

It's also not clear if UAC was disabled, and if it was, how Explorer would behave with UAC enabled.

Lastly, if you run Explorer as a separate process -- which is not the default -- an Explorer crash will not destabilize the system.

From a rational comment on the blog:
>>>
While the core vulnerability exists in Vista, it is mitigated by several factors; IE7 Protected Mode (via the MIC model wherein IE7 runs with low integrity, and communicates with higher integrity components through a broker process, thus protecting the shell and other processes from this attack) and by UAC which, even if IE Protected Mode is disabled, will only allow the exploit the privileges of a standard user, making it far easier to recover from an attack.

Also, this video is not showing an OS crash-restart as is claimed but is showing a shell (explorer.exe) crash restart. Launch taskmanager from the winlogon desktop, starting a command prompt and delete the offending file from the profile desktop folder. If a trojan was installed, provided UAC is enabled, and this attack was instigated from a non-elevated process, the scope would be limited to user profile autostart entries in the registry and AV/anti-malware would easily mitigate (or one could easily manually remove the malware via autoruns or similar tool).

On XP this is a far more serious issue as those protection mechanisms don’t exist and the user is likely running with unrestricted admin privileges. In short, highlighting Vista may make for more dramatic coverage, but ultimately Vista’s default security settings and mechanisms work to mitigate this vulnerability exactly as advertised.

Score: 0

By robmanic44

posted Mar 31, 2007 - 11:10 PM

Vista SP1 should be out now and you know it. These are far from being the only problems with Vista. Another beta OS release from Microsoft.

Score: 0

By PC_Tool

posted Apr 2, 2007 - 5:57 PM

Care to name a few major ones that require a SP, or are you just trolling?

Score: 0

By PostDeals

edited Mar 31, 2007 - 1:32 AM

More reasons for me to spend my $300 on a "SECURE" os. NOT.

Score: 0

By Pixelsmack

posted Mar 31, 2007 - 12:09 AM

Misleading and inappropriate title to this article. The title implies VISTA only. When they list that nearly all MS's OSs are affected.

* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 2
* Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 for Itanium-based Systems
* Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows Vista

Score: 0

By PC_Tool

posted Mar 30, 2007 - 11:01 AM

What is very disturbing about this revelation, however, is that it can be triggered by nothing more than Microsoft's own operating system software and processes.

Every exploit known to man exploits a systems software or processes. That statement makes no sense. And it's not self-triggering, it still requires a 3rd party custom cursor.

I'm not saying that MS didn't royally screw the pooch on this, but trying to claim that it requires nothing but Microsoft's own software is a flat-out lie. It *requires* a 3rd party malformed animated cursor.

Their QA should have caught this, but let's get some perspective, folks. This isn't going to affect any but a few folks.

In terms of affect to the total number of users, this will have statistically no impact other than a couple of folks who dislike MS get to jump around like retards at the zoo(See below).

Score: 0

By Tenoq

posted Apr 2, 2007 - 2:21 AM

Try to keep up:
http://tinyurl.com/3clxwg

Exploits already wild, and are quickly spreading via e-mail.

You know what they say about statistics, PC Tool. :p

Score: 0

By PC_Tool

posted Apr 2, 2007 - 9:47 AM

Great. TinyURL. Sorry, not interested.

Takes a bit more than that to get me, and please tell me you're not hiding actual information behind that link.

You know no knowledgeable PC user would go there, right?

Yes, keep up, please do. As for statistics? as stated in another thread, there are 6.7 billion people in the world. According to cnet (http://news.com.com/A+bi...100-1003_3-5290988.html), there will be 1 Billion computer users by 2010 (meaning there are less now).

Unless it's affecting over 10,000 users, I really don't care.

Score: 0

By AntiochMedia

posted Mar 30, 2007 - 6:53 PM

I'd like to see BetaNews hire on people like yourself as an editor for their articles. While this article does explain how the restart loop works, it fails to explain how one would GET a cursor that causes this. The CursorXP reference is good, but still not very direct.

Score: 0

By ryusen

posted Mar 30, 2007 - 6:16 PM

MS sucks!!!

(sorry... i scrolled down a bit, and didn't catch any ABM trolls, so i thought i would help ensure your statement)

Score: 0

By Paradise-FH-

posted Mar 30, 2007 - 2:37 PM

"... to jump around like retards at the zoo"

and thus any notion that "PC" stood for "politically correct" was dismissed. :D

Score: 0

By PC_Tool

edited Mar 30, 2007 - 3:04 PM

Oh, hell...that went out the door eons ago.... :p

What? No-one here listens to the Dead Milkmen?

Score: 0

By fewt

edited Apr 1, 2007 - 3:57 AM

It's a boring day - I've got nothing to do
Except to get a load of retards and drive 'em to the zoo

Oh oh oh takin' retards to the zoo

Oh oh oh takin' retards to the zoo

'nuff said, heh

Score: 0

By PC_Tool

posted Apr 2, 2007 - 9:39 AM

I'm shocked. Truely. ;)

Score: 0

By fewt

posted Apr 2, 2007 - 7:29 PM

not, heh

Score: 0

By normangerman

posted Apr 3, 2007 - 1:44 AM

Emo...

Score: 0

By Silentmaster101

posted Mar 30, 2007 - 3:56 PM

:-P i do...

Score: 0

By MyrddinE

edited Mar 30, 2007 - 1:31 PM

I'm sorry, but this is not exactly true. There are two major classes of exploit: Programs that can attack the system, and Data that can attack a program.

It's almost impossible to protect against a malicious program. Viruses and Spyware run rampant, and if a user allows them to run it's difficult if not impossible to prevent them from harming the computer.

But it is relatively easy to prevent malicious data to attack the system. Malicious data should be preventable... programs should check the data before running it, should confirm that the input data is valid. Insecure programmers and permissive programming languages are what allow bad data to harm the system.

So the point is that a Microsoft system driver, a driver that is critical to the second-to-second operation of the computer, a system driver that needs to function even when everything else is crashing... is NOT checking its input data.

That is worse than having a third-party driver, written by some random mouse manufacturing company, being poorly written. This is a Microsoft driver, written by a company that should know what portions need to be most secure, screwing up and RE-INTRODUCING a bug they already fixed years before.

Inexcusable.

Score: 0

By PC_Tool

edited Mar 30, 2007 - 2:08 PM

'm sorry, but this is not exactly true.

Not quite sure what you're referencing here, so I'll leave it be...

It's almost impossible to protect against a malicious program.

Don't download it, don't run it. Sounds easy enough to me. (/joke, I get your point about the difficulty of hardening an OS against malicious programs)

This is a Microsoft driver, written by a company that should know what portions need to be most secure, screwing up and RE-INTRODUCING a bug they already fixed years before.

While I'm *sure* their mouse drivers we're at the *top* of their list on security measures (/sarcasm), I never once claimed this wasn't a screw-up of massive proportions on their part.

I was pointing out the incorrectness of a statement made in the article, not debating whether or not Microsoft is at fault. I think it's pretty obvious they messed up to everyone here.

Score: 0

By Silentmaster101

edited Mar 30, 2007 - 3:58 PM

the obvious solution here is to take away peoples ability to add animated cursors, they annoy the hell out of every tech i know. they are cutesy crap and nothing critical....

Score: 0

By PC_Tool

posted Mar 30, 2007 - 5:24 PM

Works for me.

Score: 0

By alphatrigon

posted Mar 30, 2007 - 11:56 AM

hehe...was all I could say. The story is amusing and not new, so I don't really understand why it's new. Maybe because it still "exists" in Vista?

All we have to do is avoid the software that messes around with the GUI? Hmm, not hard if we plan to use Vista and a new gui that is very appealing. :)

Strange thing though, how that configuration mentioned above is ALMOST like mine...or maybe it's just Synaptics is all over the place :D. I just use a different WXP gui alteration than the one mentioned...and suffer no crash because it is better coded.

Score: 0

By SMFulton3

posted Mar 30, 2007 - 11:46 AM

Well, I'm trying to swallow the phrase "flat out lie" as though you didn't really mean I was lying, or something that idiotic or outrageous, so I can reply to you in a more civil tone:

An .ANI file is a document. It's registered as such in the System Registry. Thus just like other documents that trigger software processes to do unwanted things like crash, this one does as well. Just because people other than Microsoft produce documents does not mean this is a third-party exploit, otherwise every Outlook exploit there ever was could be excused by Microsoft by saying, "Folks, we don't write e-mails."

-SF3

Score: 0

By PC_Tool

edited Mar 30, 2007 - 12:15 PM

You and I both know it doesn't work like that, or at least, I would hope you do.

It doesn't matter if it's an application, library, or document, contains it's own functionality, or relies solely on the functionality of the environment in which it is used.

Programs and operating systems are created to do something, with specific functionality in mind. They are not created to *not* do something the developer never intended, or even imagined. They can excuse it because it does what it was intended to do, display email, or, in this case, animated cursors.

I understand the .ANI file is not a program. I simply don't think that it makes any difference. This exploit, along with the vast majority of others out there, programs or not, require intended malice on the part of the creator of the malformed cursor.

Sure, it doesn't require a 3rd party application. But it does require something *other* than Microsoft's processes and software. Your claim may have only been directed at making the point that it had no processes of it's own, but that's not how it was written.

Score: 0

By foxfyre

posted Mar 30, 2007 - 3:21 PM

"Programs and operating systems are created to do something, with specific functionality in mind."

Wonderful concept.

Now if Windows could just focus on actually doing it, and if Linux could figure out what the concept of an "application" is.

Score: 0

By T3chDad

posted Mar 30, 2007 - 1:08 PM

PC_Tool must be a hammer...because he hit the nail on the head.

Score: 0

By bourgeoisdude

posted Mar 30, 2007 - 6:08 PM

Well he is right, of course. But if we dare blame the user for clicking the wrong thing...

...see the problem? We can joke about users needing to get a clue before using computers, but if we ever get down to it and act as if it were truley their fault and not microsofts--well, think of the 9th Circuit Court :)

It has to be microsofts problem because individuals can never be blamed for anything. Only groups or entities can, thereby destroying any and all need for personal responsability, accountability, and morality.

Score: 0

By normangerman

posted Apr 3, 2007 - 1:49 AM

I'm sure it's the car manufacturer's fault if the car crashes because the driver was driving irresponsibly...(/sarcasm)

Score: 0

By Reverb

posted Mar 30, 2007 - 10:07 AM

This has been around since Windows 98?
Oh well..another day, another windows exploit.
This won't affect anything..When you buy a new
PC or laptop your OS has already been chosen
for you. Resistance is futile!

Score: 0

By Silentmaster101

posted Mar 30, 2007 - 4:01 PM

well if you dont use stupid malformed cursors like an idiot you also have nothing to worry about.

Score: 0

By Avion Airplane

posted Mar 30, 2007 - 9:48 AM

WOW!

Score: 0

By maximum

posted Mar 30, 2007 - 9:31 AM

Here is my question: who NEEDS custom animated cursors so badly that they find some seedy website and grab a KevinFederline.ani? This problem only affects the Grandmas, Trekkies and kitten-lovers of the world.

Seriously, does anyone here download .ANI's from anonymous Star Trek Cursor Web-holes?

Score: 0

By crashoverride

posted Mar 31, 2007 - 9:44 AM

Now that you mention Star Trek. Microsoft kind of reminds me of the Borg Collective.

Score: 0

By SMFulton3

posted Mar 30, 2007 - 11:48 AM

That might make sense, maximum, except that in the video you might have seen, the document that triggered the crash loop doesn't appear on the desktop to be an .ANI file. It looks like something that anyone could name, "Click here for more pictures of Britney Spears' underpants." So it doesn't have to pass itself off as a cursor file in order to be malicious.

And you better watch out what you say about us Trekkies and kitten-lovers.

-SF "Live Long and Meow" 3

Score: 0

By maximum

edited Mar 30, 2007 - 12:52 PM

LOL

I dig Star Trek. I have no remorse for kittens or grandmothers, however.

Score: 0

By Daddy_Spank

posted Mar 30, 2007 - 11:27 AM

Haha.... good one :)

Score: 0

By templar™

edited Mar 30, 2007 - 9:19 AM

Let's put things in perspective. The damage caused by this bug would be more of a PR disaster than a technical one.

Nevertheless, it is sign of a flawed QA process.

Score: 0

By DudeBoyz

posted Mar 30, 2007 - 8:50 AM

Highly paid, imported programmers - top talent - and this is what you get?

I understand that programming an OS is tough, but how does something like this slip by?

It's been identified as an issue in the past, but they don't fix it? What, don't they know what a CHECK LIST is?

All these years they have been programming this code. Is this the BEST that Microsoft can offer its customers? $399 for the Ultimate Edition and stupid bugs like this still sit right there in the code.

How do some of these people keep their jobs? Honestly?

Score: 0

By rlo

edited Mar 31, 2007 - 4:02 PM

How do some of these people keep their jobs? Honestly?

Illegally. Remember that MS was found guilty of violating numerous antitrust laws.

It just so happens that the administration changed and the new justice department decided that allowing MS to put windows in all schools for free would be sufficient punishment. That would teach them about competitive innovation.

In the end that didn't happen either. so far as I can tell. there was no corrective action for a company that remains guilty on all counts.

Maybe that is the new us gov't model. No longer a republic, but an auction block.

Score: 0

By Silentmaster101

posted Mar 30, 2007 - 4:02 PM

you ever try writing an os and checking every possible line of code for a as of yet unthought of exploit?

Score: 0

By templar™

edited Mar 30, 2007 - 9:15 AM

It seems like they did fix it. But someone must have screwed up by re-checking in old source code into their repository.

Score: 0

By foxfyre

posted Mar 30, 2007 - 6:32 AM

Different day, same old song and dance.

Score: 0

By Joe Dirt

posted Mar 30, 2007 - 6:14 AM

ROFLCOPTER @ the comment war going on in here :D

Score: 0

By robmanic44

posted Mar 30, 2007 - 5:53 AM

The animated cursors from Stardock do not cause Vista Ultimate to crash, but they do cause a warning message on shutdown and startup. They do the same for desktop themes from Stardock. The themes do appear on the desktop, but are not functional and must be unloaded. There are too many other problems to list.

Score: 0

By macki

edited Mar 30, 2007 - 5:08 AM

David and Goliath springs to mind!

Score: 0

By Crispy777

posted Mar 30, 2007 - 2:09 AM

lol @ MS

Score: 0

By crashoverride

edited Mar 30, 2007 - 12:51 AM

One question....nothing to do with the report. I'm just wondering what is up with all the comments at the bottom? It's rather funny.

Score: 0

By kprovance

posted Mar 30, 2007 - 4:53 PM

I know...it is isn't it? I'm laughing so hard I'm in tears...and it isn't really even *that* funny.

Score: 0

By THZGryphon

posted Mar 30, 2007 - 12:51 PM

And this one is different how?

Score: 0

By crashoverride

posted Mar 30, 2007 - 1:22 PM

Do not start with me. I am not going to get into one of your childish arguments.

Score: 0

By Jegar48

posted Mar 30, 2007 - 9:30 AM

I think they are playing "I can pee farther than you can"

Score: 0

By silenthavoc13

edited Mar 29, 2007 - 11:41 PM

It's kinda sad when a program as simple as an animated pointer can cause an OS to go into a crash-restart loop. The fact that it's been a problem since Windows 98 is even worse. It's been 9 years and microsoft still hasn't fixed it? Mind you it is a small exploit, but it's a bug nonetheless and deserves to be look into considering how long it's been plaguing the Windows OS. One would just assume that Microsoft would just stamp out the problem just to say they did it. I guess I expect too much from the company.

Score: 0

By zridling

posted Mar 29, 2007 - 10:26 PM

One question: who uses animated cursors anymore? Anyone want to admit it? As much as I carped on and on about Vista's EULA, I like the stability of the OS, even over XP. Beware, however, Vista doesn't seem so great on old hardware.

Score: 0

By smarterthanyou

edited Mar 30, 2007 - 2:46 AM

Vista's Aero Basic and Aero Glass interfaces use animated mouse cursors by default.

Score: 0

By kprovance

posted Mar 29, 2007 - 10:35 PM

I do. It's the basic green once that cam with Win95. What's the big f'ing deal about animated cursors?

Score: 0

By Floodland

posted Mar 29, 2007 - 9:42 PM

It is awesome how M$ fans find the way to bias any article that touch god M$.
Micro$oft not only release flawed software but they recycle bugs, that is at least, impressive. It is not the first time they do something like this, how lame!
Microsoft cannot mantain Windows code anymore: Open source is the future.
Microsoft, you started to fade, just turn back or die, slowly.

Score: 0

By THZGryphon

posted Mar 30, 2007 - 12:49 PM

I'm sure some of your favorite software has perpetual bugs that are never fixed. Only the ignorant believe this is unique to MS.

Score: 0

By siryak

posted Mar 29, 2007 - 10:53 PM

Lol...Last time I checked Windows is still on the vast majority of computers...Anyway who cares about some stupid animated cursor bug. I mean who downloads cursors? Seriously?

Score: 0

By crashoverride

posted Mar 30, 2007 - 12:36 AM

"I mean who downloads cursors?"

From some of the remarks I've read Bill and Steve make over the past year I was under the impression that you Windows users downloaded anything that is put in front of you.

Score: 0

By uberfly

posted Mar 30, 2007 - 1:09 AM

The truth is that there's just 100 million times more things for windows users to download than the other OS's (and MANY more casual users). That's part of the fun of using windows. It's the busy, fun, but more dangerous side of town. You Apple and Linux types in your caves are at least good for a chuckle. Keep at it.

Score: 0

By petgamer

posted Mar 29, 2007 - 10:42 PM

So a new exploit comes out and you're thinking that Microsoft is fading away? I don't believe it's just that simple.

Microsoft will probably fix the problem and most users will still use it.

Same old story. Nothing new to see here folks.

Score: 0

By Grazer

posted Mar 30, 2007 - 12:40 PM

And most users will never realize there was an issue in the first place.

Score: 0

By phenomnaruto

posted Mar 29, 2007 - 8:10 PM

why aren't programmers trying this hard to find exploits in Mac OSX, i'm sure you can find millions ... especially since its based off unix.

Of course since NO ONE buys apple, its a waste of time to find exploits or create them. =\

Score: 0

By foxfyre

posted Mar 30, 2007 - 6:30 AM

Here we go again...

If OSX is So insignificant, why are you trying to justify MS's mess by commenting on OSX?

Same old rant.

How about dealing with the MS mess. You know, the OS that is so secure they need no anti-virus protection (per MS)! Maybe not, as there are so many internal holes that the main threat is not from 3rd party software!

You definitely have enough to keep you busy!

Score: 0

By uberfly

posted Mar 30, 2007 - 1:14 AM

Yes, it's true. All these exploits never go hot within a day like they do in windows. I mean, why bother? There actually have been more exploits found in Apple in the last 6 months than in Windows. It's just that no-one bothers to put them into play.

Score: 0

By rlo

posted Mar 31, 2007 - 4:10 PM

please cite your source if you didn't make it up. please laso cite a real source and not one that you made up in another comment stream.

Score: 0

By HyTeK

posted Mar 29, 2007 - 8:31 PM

So the increase in apple laptops being sold means that aliens are buying them?

And yes people spend a large amount of time trying to exploit Linux. What do you think most of the internet servers are run on? LAMP servers. Script-kiddies and exploiters have spent years exploiting LAMP servers, just to deface or break into websites. This has strengthened the core of Linux and their web servers far more then Windows could ever hope for.

The difference here is between what can you do with that exploit. Exploit Linux and you might be able to delete or screw with the user that is logged in. (rarely can you gain escalated privileges to root). Exploit Windows and you are 99% on target to have that user with administrator privileges.

Worst Case Scenario with the majority of exploits out right now:

Exploit with Admin rights on Windows = Dead or Bot-Farm computer

Exploit on Linux = Delete User Account and create new one

Score: 0

By RejZoR

posted Mar 29, 2007 - 7:04 PM

I couldn't care less for this "exploit"...

Score: 0

By crashoverride

posted Mar 30, 2007 - 12:45 AM

That's right everyone, it's not an exploit....it's a feature.

Score: 0

By foxfyre

posted Mar 29, 2007 - 7:26 PM

Nevermind everyone.

Its just been announced that this issue doesn't bear notice.

I'm soooo relieved!

Score: 0

By GCoder

posted Mar 29, 2007 - 7:00 PM

"What is very disturbing about this revelation, however, is that it can be triggered by nothing more than Microsoft's own operating system software and processes."

That is very disturbing actually.

Score: 0

By school1012

posted Mar 29, 2007 - 6:40 PM

Have tried this several time on differnt Vista machines, all of which do not work. XP does appear to crash

Score: 0

By DudeBoyz

posted Mar 29, 2007 - 6:31 PM

BAHAHA!

Oh man!

At least XP still works. :)

Score: 0

By THZGryphon

posted Mar 29, 2007 - 6:32 PM

Read more and see it doesn't.

Score: 0

By slipdisc2

posted Mar 29, 2007 - 5:57 PM

it can be fixed rather easily. enter safe mode, remove the offending file, reboot and voila.

Score: 0

By rlo

edited Mar 31, 2007 - 4:15 PM

Hey, why can't I get my cass out of the bank? Why is my phone line down? What happened to that life support machine?

Oh, sorry. We had to reboot every server and workstation to "safe mode" (read doesn't do anything) to remove a corrupt icon file.

inexcusable.

Score: 0

By SorenMD

posted Mar 29, 2007 - 6:06 PM

True, but I dont think your casual computer user is going to do that or even know how to do it. Its just disappointing to see the same exploits occur over and over again. Its like MS is not paying close enough attention. Sad state of affairs.

Score: 0

By Program86

edited Mar 29, 2007 - 5:47 PM

BWAHAHAHAHAH
Same old s.h.i.t again and again.
Where are the Vista fanboys touting its superiority?
Dont make me laugh. Its the same old sad story. Vista is not a new OS, its just XP SP3 with the same windows exploits.
What a joke.

Score: 0

By bourgeoisdude

posted Mar 30, 2007 - 2:01 PM

...I'm late.

1. I haven't used animated cursors since Windows 3.1--anyone with half a brain knows they suck twice as many resources as anyone could possibly imagine, due to the fact that the mouse position and such is so important a priority in windows.

2. How many Windows networks use animated cursors (feel free to reply if you've seen one)? How many SERVERS use animated cursors?

3. Still can't execute code on your system using the buffer overflow, so no trojan/worm threat from this. It's just a malformed .ani file, not a virus--no matter what the folks at symantec call it.

Now, again we see the Microsoft dillema, and my prediction was correct from almost 9 months ago: The first "popular" exploit for Windows Vista does not involve some new exploit from the vista code, but rather involves a vulnerability from old Windows 9x code.

So--why must Microsoft make Vista "break" all of your Windows XP programs? Cause there'd be plenty more of these problems by now if they didn't. In fact, I wish they'd have broken all Windows XP programs so we couldn't carry over any exploits from their legacy code--this will happen forever until all traces of windows 9x, windows NT, and windows 2000/xp are swept away.

Unfortunately, Vista still has minute traces of code remaining since Windows 3.1 in it, so the compatability complainers win against the security complainers once again.

Score: 0

By GCoder

edited Mar 29, 2007 - 6:16 PM

Just ignore "THZGryphontool" , he's a known MS troll. Go bother someone else with your ignorant nonsense.

Score: 0

By THZGryphon

edited Mar 29, 2007 - 5:58 PM

Why do you not respond to the other comments you make where everyone proves you wrong time and time again?

You are a troll. You read the titles and no further and spout your ignorant comments again and again.

Calling others a fanboy as an insult, and all the while being one yourself is really brilliant.

Score: 0

By Program86

edited Mar 29, 2007 - 6:02 PM

Thanks for the laugh. Thats a good one...
A Troll calling me a troll???, hahahah

That comment hit a little to close to home?

awwww poor baby, cry some more.

Score: 0

By THZGryphon

edited Mar 29, 2007 - 6:09 PM

Wow, intelligent reply. Like GCoder, you took the easy way out again I see with anonymous insults and with no defense for yourself.

Score: 0

By GCoder

posted Mar 29, 2007 - 6:19 PM

And he needs to defend himself why? At least he commented on the article and wasnt just trolling and insulting others.

It looks like you need defending, and your losing...BAD.

Score: 0

By THZGryphon

edited Mar 29, 2007 - 6:31 PM

It is called a reply, that is what you do to comment about a previous comment. If I had a comment on the article I would have posted new comment.

I do not see the relevance about the article in your comments...ah...but that is why you hit reply right?

Score: 0

By phenomnaruto

posted Mar 29, 2007 - 8:12 PM

See THZtroll ... troll THZ troll.

Score: 0

By obialor

edited Mar 29, 2007 - 10:47 PM

I use Vista Business edition. My system has been affected the bug for about 3 days now. I did not know what it was until I read this report. I am just hoping that MS will post a patch very soon. When I read the article, I started comprehensive scan with Norton 360 but the problem stopped the scan midway.

Obi

Score: 0

By ethanbowenwon

posted Mar 30, 2007 - 10:42 AM

At least XP is so much better than Vista!
No problems for XP!
It is so not worth to upgrade!

Score: 0

By rlo

posted Mar 31, 2007 - 4:21 PM

http://secunia.com/product/16/?task=statistics

Score: 0

By rlo

edited Mar 31, 2007 - 4:22 PM

http://secunia.com/product/16/?task=statistics

Score: 0

By justme123

posted Apr 4, 2007 - 9:26 AM

Vista sucks.

I love Steve Jobs

Score: 0

Dec 4 - 11:47 AM ET The storm hits AT&T, with a five-digit headcount reduction

Dec 4 - 11:42 AM ET TV sports adopts Web coverage, plays with iPhones

Dec 4 - 11:24 AM ET Microsoft seeks 'community' help to make IE8 Standards Mode work out

Dec 4 - 10:43 AM ET Hitachi GST and Intel make a solid-state deal

Dec 3 - 11:36 PM ET Yahoo cedes Internet radio operations to CBS

Dec 3 - 5:54 PM ET Big BCS bowl game to land at CES 2009...in 3-D!

Dec 3 - 4:58 PM ET Songbird 1.0 music player makes a landing

Dec 3 - 3:41 PM ET Ted Rogers (1933-2008), giant of Canadian tech and media

Dec 3 - 2:27 PM ET Analysts: PC growth will slow, while notebooks remain a bright spot

Dec 3 - 1:58 PM ET RIM's third quarter outlook shouldn't shock, but does anyway