Hackers are using problem of Windows in processing animated cursors

Specialists of those companies which are occupied with computer security, note that there are in the Internet a large number of sites that exploit vulnerabilities in Windows operating systems, concerning the features of processing the animated cursor files (.ani) by Microsoft operating systems. Let`s remember that by exploiting this gap, a violator theoretically can gain unauthorized access to a remote computer. To organize the attack the violator needs to decoy the user to specially organized web page or send to the user a malicious email. About this gap Microsoft has warned at the end of March, and characterized it as critically dangerous. All Windows versions have this gap, including Windows Vista. At the beginning of this month Microsoft has released casual bookmark especially to neutralize the hole. According to specialists of Secunia Company, now the vulnerability is exploited by violators in a wide range of various malicious programs, ranging from spy modules to software for making boot-sites. Websense experts, in their turn, have discovered in internet 450 sites, attendance of which may be finished for users by the theft of personal information through the same gap in the system. When you open these resources you are readdressed to specially generated web page, the visit of which can be resulted in infection by spymodule ad.exe. The gap is also used by spammers, distributing to the users e-mails in HTML format with the title “Hot Pictures of Britiney Speers”, and with the reference in the body of the letter. The reference leads to a web page that activates malicious script. The technical director of American company Exploit Prevention Labs Roger Thompson believes that first the vulnerability in the module of processing animated cursors files was discovered by Chinese hackers, who tried to gain unauthorized access to subscribers` accounts of the game World of Warcraft. Afterwards the malicious code written by Chinese hackers has been modified repeatedly. Experts note that the vulnerability will be the cause of emergence of a large number of new boot-sites, which are now being widely used by hackers to send spam, the organization of DOS-attacks on inconvenient resources and the realization of phishing machinations. In particular, Max Kakres from Boston Core Security Company holds this point of view, reports PC World.