Microsoft Plans Out-of-Cycle Patch for Zero-Day Flaw

We still don't know all that much about the scope of the vulnerability in Microsoft's Windows Animated Cursor handling implementation, but -- based on Redmond's responsiveness thus far -- it seems like a doozy.

Microsoft has thrice updated the security bulletin it first released Thursday, and researchers at the Microsoft Security Response Center (MSRC) have updated the MSRC blog on several occasions, too.

The company now plans to release an out-of-cycle patch for the flaw tomorrow, although "it’s possible that we will find an issue that will force us to delay the release," wrote MSRC researcher Christopher Budd in a blog post yesterday.

The MSRC on Thursday confirmed the existence of "very limited attacks." By Saturday, however, Budd acknowledged that the number of attacks had escalated.

"From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code," Budd wrote. The vulnerability affects all versions of Windows -- including Windows Vista, Microsoft confirms.

Redmond's regular Patch Tuesday festivities are scheduled for April 10. A number of factors -- escalated attacks, proof-of-concept code -- prompted Microsoft to release an out-of-cycle update. There are other concerns as well: The Associated Press reports, via security researcher McAfee, that a posting on a Chinese hacking forum indicates that additional hackers plan to start exploiting the vulnerability.

Elsewhere, the AP cites speculation, attributed to researchers at VeriSign Inc.'s Defense labs, that Chinese hackers plan to use the vulnerability to steal (and subsequently sell) information pertaining to the World of Warcraft video game.

Microsoft's patch, should it appear tomorrow, won't be any rush job, Budd promised. "I'm sure one question in people's minds is how we're able to release an update for this issue so quickly," he wrote. "[T]his issue was first brought to us in late December 2006 and we've been working on our investigation and a security update since then. This update was previously scheduled for release as part of the April monthly release [next week]. Due to the increased risk to customers from these latest attacks, we were able to expedite our testing to ensure an update is ready for broad distribution sooner than April 10."

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.
