MICROSOFT plans to patch a security hole in Windows related to an animated cursor that hackers have used to launch attacks after users click on links to malicious web sites.

Microsoft said it would release the patch outside of a regular monthly security update because it completed testing earlier than anticipated.
"Microsoft's monitoring of attack data continues to indicate that the attacks and customer impact is limited," the company said in a statement.

Security firm F-Secure said attacks using the flaw related to cursor animation files used by Windows intensified over the weekend, with the majority tracing back to different Chinese hacker groups.

It said most of the activity around the so-called ANI exploit has been via dozens of malicious websites but warned that on Sunday the first internet worm, able to replicate without the user doing anything to the machine, was found using the flaw to spread.


"This vulnerability is really tempting for the bad guys," said Mikko Hypponen, chief research officer at F-Secure. "It's easy to modify the exploit, and it can be launched via web or email fairly easily."

Microsoft has been working to improve the security and reliability of its software as more and more malicious software targets weaknesses in Windows and other Microsoft software.

The company said it was working with authorities investigating the latest attacks and that consumers could visit Microsoft Update or Windows Update or get more information at http://www.microsoft.com/athome/security.

"Exploitation may occur when a user clicks a malicious link, reads or forwards a specially-crafted HTML email, or accesses a folder containing a malicious animated cursor file," said a technical bulletin from the US government-backed Computer Emergency Readiness Team.

Reuters