A new flaw has been found in how Windows handle the behavior of animated cursors according to the security advisory by Microsoft. This flaw affects all Windows versions including the newest OS, Vista.
It’s a very serious flaw since it can affect an e-mail even if the user just previews an email without opening it. If the malicious e-mail is previewed or if a certain web page contains the malicious code, it will be executed instantly.
The code can make someone’s computer be a botnet.
“This is one of the more serious ones as this allows remote code execution,” said Don Leatham of PatchLink.
This warning was also posted at Avert Labs of McAfee.