Windows Security Flaw Linked to Super Bowl Site Attack
A security flaw in Microsoft Corp.'s Windows software that leaves computers vulnerable to hijack is linked to February's attack on the website of Super Bowl host Dolphin Stadium, researchers say.
In an advisory issued by Microsoft Thursday, the world's largest software maker said it had confirmed that multiple versions of Windows — including the latest Vista version — contain a flaw in the way the operating system handles animated cursors or pointers.
The animated cursor files end with the filename extension ".ani" and are sometimes used by software such as Microsoft's Office suite and by website developers to enhance or modify the experience of using the computer. The vulnerability could allow an attacker to take control of a computer.