Chinese servers host malicious cursor attacks

A criminal group responsible for using compromised Web sites to spread malicious software have already started using the latest Microsoft flaw to install their code from at least three servers in China, security experts said on Friday.


The sites are using a flaw in the way Microsoft Windows handles animated-cursor files, which the software giant acknowledged on Thursday in a security advisory. While Microsoft has stated that the attacks using the animated-cursor vulnerability in Windows appear “to be targeted and not widespread,” as many as 25,000 compromised Web pages currently use JavaScript to send visitors to the malicious Chinese sites, said Andreas Marx, CEO of antivirus software testing firm AV-Test.org.


http://www.securityfocus.com/brief/473

Leave a Reply