0 Day vulnerability in .ani files
Apparently there is a new zero day flaw in Windows (Vista, XP, 2000 Sp4, 2003 server).
It involves .ani files (usually associated with animated cursors) A malicious website could exploit this, and install all sorts of "delightful things" onto your system?
More details are here:
I guess that I am surprised that it has taken so long? after all, an animated cursor or icon is a form of executable? The idea of using screensavers (.scr) as an attack vector is relatively old, and I would have expected the .ani to follow on much more rapidly?
Perhaps it is a reflection of the recent major shift in direction towards revenue producing criminality, in the malware world?