This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.

You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/6509865.stm

The article has changed 2 times. There is an RSS feed of changes available.

Version 0 Version 1
Users warned on Windows cursors Users warned on Windows cursors
(20 minutes later)
Animated cursors could prove risky for Windows users, warns Microsoft. Animated cursors could prove risky for Windows users, Microsoft has warned.
The software giant is investigating reports that the way Windows handles alternatives to the traditional arrow cursor can leave PCs open to attack.The software giant is investigating reports that the way Windows handles alternatives to the traditional arrow cursor can leave PCs open to attack.
By booby-trapping a website or e-mail attachment with code that exploits the flaw, malicious hackers could hijack a Windows PC.By booby-trapping a website or e-mail attachment with code that exploits the flaw, malicious hackers could hijack a Windows PC.
Microsoft warned users to be wary of attachments and urged them to update security software to combat the threat.Microsoft warned users to be wary of attachments and urged them to update security software to combat the threat.
Open WindowsOpen Windows
Malicious hackers are already known to be exploiting the flaw according to reports from the Sans Internet Storm Center.Malicious hackers are already known to be exploiting the flaw according to reports from the Sans Internet Storm Center.
In an alert, Sans said several security firms had seen evidence of websites being set up, hosting code that can exploit the bug. Information about it is being spread on bulletin boards malicious hackers are known to frequent.In an alert, Sans said several security firms had seen evidence of websites being set up, hosting code that can exploit the bug. Information about it is being spread on bulletin boards malicious hackers are known to frequent.
PC users could fall victim by opening a booby-trapped attachment on an e-mail or by visiting a website that is hosting the code.PC users could fall victim by opening a booby-trapped attachment on an e-mail or by visiting a website that is hosting the code.
"Exploitation happens completely silently," said security firm McAfee which was one of the first to find the bug. Once installed, the exploit code could download and run any other file, warned McAfee."Exploitation happens completely silently," said security firm McAfee which was one of the first to find the bug. Once installed, the exploit code could download and run any other file, warned McAfee.
Microsoft urged people to update their security software so they could get hold of signature files that spot and stop the exploit code.Microsoft urged people to update their security software so they could get hold of signature files that spot and stop the exploit code.
Simply blocking the .ani files that denote animated cursors will not work as many attackers are renaming booby-trapped files to disguise their dangerous nature.Simply blocking the .ani files that denote animated cursors will not work as many attackers are renaming booby-trapped files to disguise their dangerous nature.
Microsoft said that many different versions of Windows were vulnerable to the attack. The list of potential victims includes Windows Vista, XP, 2000 and Server 2003.Microsoft said that many different versions of Windows were vulnerable to the attack. The list of potential victims includes Windows Vista, XP, 2000 and Server 2003.
The software firm said those using Outlook Express would be vulnerable as would those who forward or reply to booby-trapped e-mail messages with Windows Mail on Vista.The software firm said those using Outlook Express would be vulnerable as would those who forward or reply to booby-trapped e-mail messages with Windows Mail on Vista.
However, it said that users of Outlook 2007 would be protected.However, it said that users of Outlook 2007 would be protected.
Security firms said users can stay safe from this vulnerability by using an alternative browser, such as Opera or Firefox 2.0, with Windows. Also protected are those using Windows Vista with Internet Explorer 7.0.Security firms said users can stay safe from this vulnerability by using an alternative browser, such as Opera or Firefox 2.0, with Windows. Also protected are those using Windows Vista with Internet Explorer 7.0.