cursor xp

Idiot ( not you millwall) , I read the link you posted. the exploit has to do with .ani extensions not .CurXPTheme files. Cursor XP is not an issue but Patched Windows XP SP2 systems running Internet explorer 6 and 7 are regardless of wether you run CursorXp or not.

oops

WWW Link

a little more on the exploit..

[UPDATE: March 29, 2007 @ 1:15 PM Eastern] Microsoft has confirmed that this is indeed a zero-day flaw that will require a security update. Although Internet Explorer is the primary attack vector, this is a vulnerability in the way Windows handles animated cursor (.ani) files.

From Redmond's security advisory:

The threat is caused by insufficient format validation prior to rendering cursors, animated cursors, and icons.

An attacker could try to exploit the vulnerability by creating a specially crafted web page. An attacker could also create a specially-crafted email message and send it to an affected system. Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment the attacker could cause the affected system to execute code. While animated cursors typically are associated with the .ani file extension, a successful attack is not constrained by this file type.

A zero-day vulnerability in Microsoft's dominant Internet Explorer browser is being used in drive-by attacks against fully patched Windows XP SP2 systems, according to warnings from anti-virus vendors..

McAfee was the first to raise the alert for the attacks, warning that the exploit simply requires that a user is lured to a maliciously rigged Web page:

Preliminary tests demonstrate that Internet Explorer 6 and 7 running on a fully patched Windows XP SP2 are vulnerable to this attack. Windows XP SP0 and SP1 do not appear to be vulnerable, nor does Firefox 2.0. Exploitation happens completely silently.
According to McAfee researcher Craig Schmugar, the flaw exists in the way IE handles malformed .ani files. (The .ani file format is used to read and store Windows Animated Cursors) and can be easily placed on an attacker's Web site to trigger the vulnerability).

Multiple sources in the anti-malware community have confirmed McAfee's discovery, which includes the use of arbitrary .exe files and Trojan downloaders.

Trend Micro has posted an alert with a diagram explaining the characteristics of the attack:

Check this one out! WWW Link

Checked out the link RadialFX...perhaps Stardock Admins should also (if they already haven't). Could make someone's day pretty messed up.

thanks for clearing that up ingui

No prob Millwall   

(For once i actually KNEW the answer to something around here)   

But as Rad and Uvah pointed out , I would think Stardock would want to nip any confusion in the bud so to speak. There is no patch currently available even though Microsoft knew about the flaw months ago
WWW Link

It looks like at least some of the confusion may have been cleared up.