Wednesday, April 4, 2007

eEye Releases Temporary Patch for Windows .ANI Exploit

Microsoft hasn't released the patch, yet. So, if you are concerned about this exploitation, there's a temporary patch available from eEYE which can fix the issue until Microsoft releases an official patch.

Please test these files before using in production environment. Thie eEye patch should be removed once Microsoft releases the official patch. The patch doesn't work on x64 or Itanium based machines.

The patch and more information about the .ANI vulnerability can be found at:

http://research.eeye.com/html/alerts/zeroday/20070328.html

No comments: