Apr3
11:36 am (UTC-7)   |   by Paul Oliveria (Technical Communications)

Perhaps due to the increasing number of reports of malware taking advantage of this recently exploited Windows vulnerability, Microsoft is set to release a security patch this Tuesday, April 3.

Normally, Microsoft releases its monthly security bulletins every second Tuesday of the month (aka “Patch Tuesday”). Tomorrow’s release is thus considered an out-of-cycle release. Note that Microsoft’s last out-of-cycle release happened last September for the Vector Markup Language (VML) vulnerability.

Among the mentioned malware exploiting this .ANI vulnerability is TROJ_ANICMOO.AX, which was already discussed in this blog entry. More recently, TrendLabs has detected PE_FUBALCA.A-O, a file infector that targets Web site related files (HTML, JSP, ASP, etc.) in order to inject a URL where an .ANI exploit code is located.

Trend Micro already protects users against similar exploits with the generic detection pattern EXPL_ANICMOO.GEN. However, as always, users are still advised to download and install the security patch as soon as it is released.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Tuesday, April 3rd, 2007 at 11:36 am and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



No Responses to “Microsoft to release out-of-cycle patch for .ANI vulnerability”

Trackbacks

  1. Kaveman’s Daily Feed of Informative Blogs » Microsoft to release out-of-cycle patch for .ANI vulnerability
  2. out boy » Microsoft to release out-of-cycle patch for .ANI vulnerability

First Proof-Of-Concept iPod virus
Our Packet Capture Honeypot is Alive


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice