March 30th, 2007 
admin 
An exploit has been found that allows remote code execution with privileges of the logged in user. Here lies another reason for non-root, non-admin user usage. Anyway, here is the info:
” In December 2006, Determina announced that it had found a number of new vulnerabilities affecting Microsoft Windows and related products. These were privately reported to Microsoft by Determina and no public information was released on how to exploit these vulnerabilities.
Today, Microsoft announced that they had found public exploits against one of these vulnerabilities – CVE-2007-0038. The problem relates to the processing of animated cursor icons, and the vulnerability is a buffer overflow in the processing code. Microsoft fixed a closely related vulnerability with their MS05-02 security update, but their fix was incomplete. Determina Security Research was able to bypass the patch and develop a proof-of-concept exploit that works on fully-patched Windows systems.”
Affected Systems:
- Windows NT
- Windows 2000
- Windows XP
- Windows 2003
- Windows Vista
Source: Determina Security
Posted in 
[...] this message, it is due to a recent patch that microsoft pushed out in response to a very bad Microsoft Windows Animated Cursor Buffer Overflow Vulnerability. You may get a message like [...]