Microsoft's officials mentioned that an attacker might be able to take advantage of Windows' vulnerability by using a Web page or e-mail message that comprises a certain computer code.
In its advisory the company's officials stated that when viewing a Web page, previewing or reading an encoded message, or opening an e-mail attachment that includes a malware, the hacker can make the affected system to execute the code.
Often such kind of holes in the system are exploited by cybercrooks so they can make "drive-by" installations of their malware. Both spyware and remote control tools, that are able to turn personal computers into drones for the attackers, are creepingly loaded onto computers that have a certain vulnerability. This is made by tricking people to visit rigged Websites or by affecting a trusted site.
In a security alert, which was sent to the customers, McAfee said that a sample code has already been posted on the Web. The code is meant to show the vulnerability of the system. The security company mentioned that the malicious software that exploits this vulnerability "has been observed in a wild."
The feature of animated cursors is designated by the .ani suffix. However, according to Microsoft's officials, a hacker's attack won't be successful if it is constrained only by this file type. A PC won't gain enough protection if it simply blocks such files.
The company's representatives said that the risk of PC attack is much lower if the user works on Vista with Internet Explorer 7. The protected mode of the browser secures the computer against hackers' drive-by installations. This is because IE7 is restricted to where it is able to write files.
No comments:
Post a Comment