ANI Patch released

In response to the ZERT and eEye patches...oh, and the vulnerability...Microsoft has released an out of cycle patch for the ANI parsing vulnerabilities. The malware code was found by a Chinese anti-virus firm, as reported by Websense.

Microsoft released the patch for MS07-017 earlier today, and so far we have not had any problems with the update.

We've been watching the message boards and email lists closely while experts from ZERT, Websense and the ISC have been tracking the malicious urls. Nearly 25 meg of malware, over 430 unique files, have been uncovered related to this vulnerability.

Unfortunately the DISOG team has been busy working on another project and was unable to offer our assistance in this case, however we wanted to get the word out about the patches.

Malformed ANI Generation code has been posted on the usual sites, so if you haven't already patched we suggest you do so as soon as possible.

Update: Reports of problems with the patch have been brought to the ISC's attention. Microsoft is aware of the problem and will release a bugfix next Tuesday with the normal patch cycle.