
Microsoft Plans Out-of-Cycle Patch for Zero-Day Flaw

We still don't know all that much about the scope of the vulnerability in Microsoft's Windows Animated Cursor handling implementation, but -- based on Redmond's responsiveness thus far -- it seems like a doozy.

Microsoft has thrice updated its security bulletin, first released Thursday, and researchers at the Microsoft Security Response Center (MSRC) have updated the MSRC blog on several occasions, too.

The company now plans to release an out-of-cycle patch for the flaw tomorrow, although "it’s possible that we will find an issue that will force us to delay the release," wrote MSRC researcher Christopher Budd in a blog post yesterday.

The MSRC on Thursday confirmed the existence of "very limited attacks." By Saturday, however, Budd acknowledged that the number of attacks had escalated.

"From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code," Budd wrote. The vulnerability affects all versions of Windows -- including Windows Vista, Microsoft confirms.

Redmond's regular Patch Tuesday festivities are scheduled for April 10. A number of factors -- escalated attacks, proof-of-concept code -- prompted Microsoft to release an out-of-order update. There are other concerns as well: The Associated Press reports, via security researcher McAfee, that a posting on a Chinese hacking forum indicates that additional hackers plan to start exploiting the vulnerability.

Elsewhere, the AP cites speculation, attributed to researchers at VeriSign Inc.'s Defense labs, that Chinese hackers plan to use the vulnerability to steal (and subsequently sell) information pertaining to the World of WarCraft video game.

Microsoft's patch, should it appear tomorrow, won't be any rush job, Budd promised. "I'm sure one question in people's minds is how we're able to release an update for this issue so quickly," he wrote. "[T]his issue was first brought to us in late December 2006 and we've been working on our investigation and a security update since then. This update was previously scheduled for release as part of the April monthly release [next week]. Due to the increased risk to customers from these latest attacks, we were able to expedite our testing to ensure an update is ready for broad distribution sooner than April 10."

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.
