Patch for Windows cursor bug coming early
According to a report by CNet, Microsoft plans to release
an early patch for the animated cursor bug/vulnerability in Windows Vista, Windows Server 2003, Windows XP, and Windows 2000. News of the bug broke out
last week, when Microsoft released an advisory
and McAfee put up a video
of the exploit in action on YouTube. The bug can be triggered by visiting a website or viewing a malicious e-mail message, and it apparently causes Windows Explorer to enter a loop where it keeps repeatedly crashing and restarting itself.
Microsoft told CNet that it originally planned to patch the flaw on April 10, but that it now intends to release the patch tomorrow. "Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers," the company added. Attacks and customer impact are "limited," it says, but users should nonetheless download the patch when it becomes available from Windows Update.