Latest on security update for Microsoft Security Advisory 935423

Hello everyone, this is Christopher Budd.


We have some new information tonight on the status of the security update that we’re working on that addresses the vulnerability in Windows Animated Cursor Handling.


From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code. In light of these points, and based on customer feedback, we have been working around the clock to test this update and are  currently planning to release the security update that addresses this issue on Tuesday April 3, 2007.


I want to note that we are testing still and will be up until the release, to ensure the highest quality possible. So, it’s possible that we will find an issue that will force us to delay the release. If we do find an issue, though, we will let you know through the MSRC weblog as soon as we know.


I’m sure one question in people’s minds is how we’re able to release an update for this issue so quickly. I mentioned on Friday that this issue was first brought to us in late December 2006 and we’ve been working on our investigation and a security update since then. This update was previously scheduled for release as part of the April monthly release on April 10, 2007. Due to the increased risk to customers from these latest attacks, we were able to expedite our testing to ensure an update is ready for broad distribution sooner than April 10.


In the meantime, I do want to encourage everyone to make sure that you have the latest signatures for your antivirus and other security products. As I noted on Friday we have given our partners in the MSRA program information that they can use to help protect against attempts to exploit this vulnerability. Until we release the security update for this issue, the latest signatures for your security products can help to provide additional protections.


We’ll continue to update you with new information on this situation as we have it.


Thanks very much.




*This posting is provided “AS IS” with no warranties, and confers no rights.*