Battle stations: New “ani” zero day being hunted

The folks over at McAfee have written today about a new zero day, and it doesn’t look pretty. Our team is on high alert for this exploit and we are actively hunting for any sites which are using it.

From McAfee:

Preliminary tests demonstrate that Internet Explorer 6 and 7 running on a
fully patched Windows XP SP2 are vulnerable to this attack. Windows XP SP0 and SP1 do not appear to be vulnerable, nor does Firefox 2.0. Exploitation happens completely silently.

The ani format is an animated cursor format. We’ll post more information as we get it.

Alex Eckelberry

Update:  Microsoft security advisory here.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s