[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Microsoft Repatches Its .ANI Emergency Patch
By Sharon Gaudin
April 9, 2007
Still dealing with problems with last week's emergency .ANI
vulnerability patch, Microsoft has fixed three more issues in a
Microsoft issued a hotfix for the patch on Tuesday, April 3, just hours
after the original patch was released to the public. A hotfix is a small
patch; typically they come out more frequently and with much less
fanfare than the normal cycle of monthly or emergency patches. This time
the hotfix was used to correct a problem in the emergency patch.
The hotfix was released last week to deal with a problem stemming from
some files in the patch and the operating system having conflicting base
addresses. Because of that, with computers running Microsoft Windows XP
with Service Pack 2, the Realtek HD Audio Control Panel had problems
starting after the patch was installed. Users also received an error
message about an illegal system DLL relocation.
After that issue was dealt with in the hotfix on Tuesday, Microsoft
updated the hotfix on Friday to deal with other programs that were
affected on Windows XP, Service Pack 2 systems.
Microsoft noted in an advisory that ElsterFormular 2006/2007, German tax
calculation software, was affected. TUGZip, a free archiving tool, and
CD-Tag, a tool for ripping CDs and renaming or converting audio files,
also were affected.
Users running these applications were having problems getting their
computers to start after installing the patch.
"While the impact of these issues is clearly not widespread, it is
affecting some of our customers," said Christopher Budd, a security
program manager, in the Microsoft Security Response Center blog.
"Customers who do not have any of the applications will not get the
hotfix. We are able to do this by tailoring our detection logic to
target only those systems with the security update for [the .ANI bug]
and these four applications."
The .ANI vulnerability involves the way Windows handles animated cursor
files and could enable a hacker to remotely take control of an infected
system. The bug affects all the recent Windows releases, including its
new Vista operating system. Internet Explorer is the main attack vector
for the exploits.
Users or IT managers can manually download the hotfix if necessary.
Subscribe to InfoSec News