Microsoft releases early ANI fix in GDI patch


Microsoft has released an out-of-cycle fix - one week before its scheduled Patch Tuesday release - for numerous vulnerabilities in Graphics Device Interface (GDI) that could allow remote code execution.

The fix, which resolves an issue in the way Windows handles ANI files, affects Microsoft software for Windows 2000, XP, Server 2003 and Vista operating systems.

Researchers from a number of vendors and organizations have reported attacks exploiting the flaw this week, many traced back to China.

By Monday, Ken Dunham, director of the Rapid Response Team at VeriSign iDefense, said more than 150 malware samples exploiting the flaw were in the wild. Websense reported more than 100 exploitation sites by Saturday morning.

Microsoft revealed Monday in an advance notification that it would release a lone bulletin for Windows with a maximum severity rating of "critical." The update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

A Microsoft spokesperson confirmed earlier this week that MS07-017 will address a vulnerability in Windows ANI.

The spokesperson said attacks and customer impact were limited, although Microsoft was aware of the existence of a public attack on the flaw.

Meanwhile, eEye Digital Security, which released a third-party patch for the ANI flaw earlier in the week, updated its fix on Monday. A hacker using the alias Jamikazu posted zero-day exploit code that bypasses eEye’s patch to the Milw0rm site on Sunday.

ZERT (the Zeroday Emergency Readiness Team) also released an unauthorized fix for the flaw this week.

The out-of-cycle patch is the first such fix since Microsoft released a patch last September for a flaw in the way Internet Explorer handles vector markup language.

Redmond also released an early fix for a flaw in Windows metafile - a vulnerability often compared to the ANI flaw - in late 2005.

Click here to email Online Editor Frank Washkuch.
