Microsoft Repatches Its .ANI Emergency Patch

Still dealing with problems with last week's emergency .ANI vulnerability patch, Microsoft has fixed three more issues in a "high-priority" update.

Sharon Gaudin, Contributor

April 9, 2007

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Still dealing with problems with last week's emergency .ANI vulnerability patch, Microsoft has fixed three more issues in a "high-priority" update.

Microsoft issued a hotfix for the patch on Tuesday, April 3, just hours after the original patch was released to the public. A hotfix is a small patch; typically they come out more frequently and with much less fanfare than the normal cycle of monthly or emergency patches. This time the hotfix was used to correct a problem in the emergency patch.

The hotfix was released last week to deal with a problem stemming from some files in the patch and the operating system having conflicting base addresses. Because of that, with computers running Microsoft Windows XP with Service Pack 2, the Realtek HD Audio Control Panel had problems starting after the patch was installed. Users also received an error message about an illegal system DLL relocation.

After that issue was dealt with in the hotfix on Tuesday, Microsoft updated the hotfix on Friday to deal with other programs that were affected on Windows XP, Service Pack 2 systems.

Microsoft noted in an advisory that ElsterFormular 2006/2007, German tax calculation software, was affected. TUGZip, a free archiving tool, and CD-Tag, a tool for ripping CDs and renaming or converting audio files, also were affected.

Users running these applications were having problems getting their computers to start after installing the patch.

"While the impact of these issues is clearly not widespread, it is affecting some of our customers," said Christopher Budd, a security program manager, in the Microsoft Security Response Center blog. "Customers who do not have any of the applications will not get the hotfix. We are able to do this by tailoring our detection logic to target only those systems with the security update for [the .ANI bug] and these four applications."

The .ANI vulnerability involves the way Windows handles animated cursor files and could enable a hacker to remotely take control of an infected system. The bug affects all the recent Windows releases, including its new Vista operating system. Internet Explorer is the main attack vector for the exploits.

Users or IT managers can manually download the hotfix if necessary.

About the Author

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights