Video: Windows cursor hack in action

Summary: Security researcher Alexander Sotirov shows how an intruder can use the .ANI flaw to run malicious software on a Vista PC

By Determina and Alexander Sotirov | April 5, 2007 -- 12:39 GMT (05:39 PDT)

Security researcher Alexander Sotirov of Determina shows how an intruder could use a Windows flaw to enter a Vista PC and run malicious software. The exploit targets the cursor and affects both Internet Explorer 7 and Firefox browsers, according to security company Determina, which reported the vulnerability to Microsoft.

Flash video courtesy of Determina.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment

Log in or register to join the discussion

What about Firefox with extensions installed?

I have 'Adblock Plus' blocking '*.ani' files, and 'NoScript' blocking all scripts (I allow them to run manually after checking their domain in Google). Would this set up be sufficient protection?

MarkiusLanzius

6 April, 2007 09:45

Reply Vote

The best of ZDNet, delivered

White Papers, Webcasts, & Resources

Ten Errors to Avoid When Commissioning a Data Center

Proper execution of the commissioning process is a critical step for your data center. This paper outlines the ten most common errors that prevent successful execution of the commissioning process.
Three Ways to Improve Your Data Storage Capabilities

Whether you're thinking of switching to the cloud or just searching for a scalable solution, this guide will offer best practice tips and strategies for improving data storage.
IBM System x NAS Solution: Reduce Costs and Improve Manageability

Read this solution brief to discover how System x servers offer a complete solution that is easy to manage, reduces risk and gives you better insight into your data.