Attackers Exploit Unpatched Explorer Flaw (in animated cursors!!!)

["Robert Green" <ROBERT_GREEN1963@xxxxxxxxx>]

Attackers Exploit Unpatched Explorer Flaw

Microsoft is warning Windows users that hackers are exploiting a newly
discovered flaw. It enables criminals to hijack Windows PCs if users merely
visit a hostile Web site with an Internet Explorer browser or open a
specially crafted e-mail message.

The vulnerability stems from a weakness in the "animated cursor" function
built into most Windows machines. The company's home campus in Redmond,
Wash., says it is working on a security update to patch the hole, but
cautions customers about visiting unfamiliar Web sites or viewing
unsolicited e-mail. This vulnerability applies to every version of Windows
and Internet Explorer, including version 7

http://blog.washingtonpost.com/securityfix/  (registration probably required
although some sites at the Post are now apparently open to non-subscribers)

Some other fascinating subjects, too:

Fortune 500s Unwittingly Become Spammers

A Fresh Look at Password Thieves

Stolen Identities Sold Cheap on the Black Market

"According to the latest Internet security threat report from Symantec
Corp., the going rate for the keys to assuming someone else's identity can
be had for between $14 and $18 per victim on underground cyber crime forums.
Full identities typically include Social Security numbers, the victim's bank
account information (including passwords), as well as personal information
such as date of birth and the maiden name of the victim's mother."

Is it time to build a bunker and live off the net?  (-:

--
Bobby G.