Emergency patch released for Vista, Windows

[Soldier4Christ]

Emergency patch released for Vista, Windows 
Vulnerability allowed hackers to track keystrokes

Microsoft on Tuesday released a high-priority software patch intended to fix a dangerous vulnerability in its Vista and Windows operating systems.

The world's largest computer software company made the patch available as hacker groups, most of them based in China, intensified attacks crafted to exploit the weakness that Microsoft disclosed on Thursday.

Microsoft released the patch a week ahead of its scheduled monthly distribution of security updates.

The vulnerability was found in Windows and Vista "ani" files that change cursors to hourglasses, animals or animated figures while computers are executing programs, according to Finland-based computer security firm F-Secure.

"We've seen a lot of activity relating to the ANI exploit during the weekend," said F-Secure chief research officer Mikko Hypponen.

"This vulnerability is really tempting for the bad guys. It's easy to modify the exploit, and it can be launched via web or e-mail fairly easily."

Hypponen said that the majority of the attacks were traced to hacker groups in China.

The home version of Vista was released in January and touted by Redmond, Washington-based Microsoft as it most secure software ever.

The ANI exploit allows hackers a way to sneak in programs such as "malware," malicious software, which steals user names and passwords by tracking what users type on computer keyboards.

Microsoft urged computer owners to install the emergency patch, designated MS07-017, from its security update website. Windows software operates about 95 percent of the world's personal computers.

[Brother Jerry]

Typical...most secure ever....yeah once we release it we keep finding the holes and plugging them up.