A Video of Windows Vista Getting KILLED by Dragging a File to the Desktop!
Wow! “Super-secure” Vista going into a perpetual crash loop because somebody drops an malformed .ani file to the desktop? Yep! A McAfee engineer demonstrates it in this video!
“Windows Vista, Microsoft’s extensively applauded most secure Windows platform to date can be taken down by nothing more than a mere animated cursor. I have seen this piece of news spreading, following a security advisory posted by the Microsoft Security Response Center. But what is the real deal behind this information? Microsoft has warned that it is aware of limited and targeted attacks impacting a critical vulnerability in Microsoft Windows Animated cursor handling. At the basis of the zero-day vulnerability is insufficient format validation, before cursors, animated cursors, and icon rendering. Security company Symantec informed that in the eventuality of a successful exploit, the attacker will be able to perform remote arbitrary code execution on the victim’s machine. There are two vectors for this kind of attack, one is the Internet browser and the other is the desktop email client. ‘In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker,’ according to Microsoft Security Advisory (935423).”