Windows animated cursor attack
The way Microsoft Windows handles animated cursors on Web sites puts PCs at risk.
Successful exploitation can result in memory corruption when processing cursors, animated cursors, and icons. According to Arbor Networks, the malicious code on compromised Web sites exploiting this flaw appears to be originating from the following sites, which you may want to block:
wsfgfdgrtyhgfd.net
85.255.113.4
uniq-soft.com
fdghewrtewrtyrew.biz
newasp.com.cn
To become infected, users must be using Internet Explorer 6 or 7; there is no need to click, just visiting an infected site is enough for an infection. The flaw does not affect Firefox or Opera Internet Browsers. Microsoft released a patch within its security bulletin MS07-017.
Additional Resources
Microsoft: MS07-017
Zeroday Emergency Response Team (ZERT): Unofficial patch
NIST: CVE-2007-0038
Arbor Networks: Any Ani file could infect you
Websense: Alert
F-Secure: Blog post