ANI Zeroday, Third Party Patch

ANI Zeroday, Third Party Patch
ANI Zeroday, Third Party Patch

Forwarded from: "Marc Maiffret" 

A new vulnerability was recently discovered, in the wild, that affects 
the .ANI file format. This flaw affects all versions of Microsoft 
Windows and can be delivered through multiple attack vectors, 
specifically any user who visits a malicious website. This flaw remains 
as of yet unpatched by Microsoft.

Interesting to point out is the similarity between this new zeroday and 
a .ANI file vulnerability that eEye discovered as far back as 2005. It 
seems even though Microsoft takes on average over 6 months to produce 
patches they still are failing in being able to perform a proper code 
audit to find similar and related vulnerabilities. This is made more 
apparent by the fact that this vulnerable code also ships with Windows 

We have provided a brief analysis, free third party patch (with source 
code), which is all available here: 

This patch like ones we have done previously has full command line 
options, for scripting and related, and also source code is included for 
your learning/verification etc...

As always patches like this are experimental, i.e. we are not Microsoft, 
however we have taken as many precautions as we can to make the patch as 
stable as possible. Alternatively we also provide a complete, free host 
based security solution which will protect from this attack and many 
others, which you can download here: 

Any questions, comments, improvements, please direct them to 

Marc Maiffret
Chief Hacking Officer
eEye Digital Security
F.949.349.9329 - End-Point Vulnerability Prevention - Network Security Scanner - Network Traffic Analyzer - Stop known and unknown IIS vulnerabilities 

Visit the InfoSec News Security Bookstore 

Site design & layout copyright © 1986-2015 CodeGods