Perhaps due to the increasing number of reports of malware taking advantage of this recently exploited Windows vulnerability, Microsoft is set to release a security patch this Tuesday, April 3.

Normally, Microsoft releases its monthly security bulletins every second Tuesday of the month (aka “Patch Tuesday”). Tomorrow’s release is thus considered an out-of-cycle release. Note that Microsoft’s last out-of-cycle release happened last September for the Vector Markup Language (VML) vulnerability.

Among the mentioned malware exploiting this .ANI vulnerability is TROJ_ANICMOO.AX, which was already discussed in this blog entry. More recently, TrendLabs has detected PE_FUBALCA.A-O, a file infector that targets Web site related files (HTML, JSP, ASP, etc.) in order to inject a URL where an .ANI exploit code is located.

Trend Micro already protects users against similar exploits with the generic detection pattern EXPL_ANICMOO.GEN. However, as always, users are still advised to download and install the security patch as soon as it is released.