ANI vulnerability

A zero-day exploit was announced the other day, taking advantage of the way Windows handles animated cursors. I disregarded this at first until I noticed SANS.org went to yellow the other day...

This effects all versions of Windows, though Vista users will have some level of protection. (IE in Protected Mode will prevent the exploit. Protected Mode is enabled by default.) However, E-mail is still suceptable and XP users going to websites that are designed to exploit this will be at risk.

The AV companies seem to have their signatures in place, so make sure you're keeping them up to date. Also, be wary of the sites you visit; especially social networking and warez pages...

More info here: