Windows Icons and Cursors Could Allow Remote Code Execution or Denial of Service

A vulnerability in the way Windows handles icons and cursors could allow intruders to gain control over a user's system, or cause of Denial of Service (DoS) attack if the user's view HTML specifically designed to exploit the problems.

January 10, 2005

1 Min Read
ITPro Today logo

ReportedJanuary 11, 2005, by eEye Digital Security


VERSIONS AFFECTED

  • Windows Server 2003

  • Windows XP

  • Windows 2000

  • Windows NT

  • Windows Me

  • Windows 9x


DESCRIPTION>

A vulnerability in theway Windows handles icons and cursors could allow intruders to gaincontrol over a user's system, or cause of Denial of Service (DoS)attack if a user views HTML specifically designed to exploit theproblems.

VENDOR RESPONSE

Microsoft has issuedSecurity Bulletin MS05-002, “Vulnerabilityin Cursor and Icon Format Handling Could Allow Remote Code Execution(891711),”to address this critical issue.

CREDIT

Discovered by eEye Digital Security>

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.