Thursday, April 5, 2007

Patch offered for Windows cursor bug

MICROSOFT is expected to issue a patch outside of its routine monthly security update following hacker activity focused on an exploit that targets the cursor animation files used in Windows.

The company issued a statement saying its monitoring of attacks found that customer impact had been “limited”, but said it would make a patch available outside of its usual security routines.

Microsoft said it had completed testing on the patch earlier than expected.

The Windows Animated Cursor Handling vulnerability – also known as the ANI exploit – was identified late last week.

“In order for the attack to be carried out, the user must either visit a Web site that contains a web page that is used to exploit the vulnerability, or view a specially crafted email message or email attachment sent to them by the attacker,” Microsoft said in a statement.

Tech security specialist F-Secure said the majority of the attacks could be traced back to different Chinese hacker groups.

“We’ve seen a lot of activity relating to the ANI exploit during the weekend,” F-Secure’s chief research officer Mikko Hypponen said.

“This vulnerability is really tempting for the bad guys. It's easy to modify the exploit, and it can be launched via web or email fairly easily. We hope to see Microsoft release a patch for this exploit very soon.”

Most of the activity around the ANI exploit has been via dozens of malicious websites that attack the user if they visit the page with the most common versions of Internet Explorer. However, on Sunday the first worm using the ANI exploit to spread was found.
