Microsoft today released an update for the recently popular ‘animated cursor’ vulnerability. The update was originally scheduled for April 10th, but due to recent exploits, was rushed out today. The update wasn’t just for this one vulnerability though, in Vista, it addressed two others, and in all covered seven vulnerabilities in Vista, XP and 2000.

Vista is still fairing pretty well as far as security issues go, which is even evident in this update (Vista’s three fixes verses XP’s six). So what was fixed? Here are the three vulnerabilities that were patched with this update:

EMF Elevation of Privilege Vulnerability

When any program renders an EMF file (a 32-bit image format that can contain both vector and bitmap information), an unchecked buffer causes the GDI (Graphics Device Interface) to allow an elevation of privileges. The vulnerability could result in an attacker having full control of the computer, but was only given an Important rating since the attacker would have to have the ability to logon locally and run a program.

Windows Animated Cursor Remote Code Execution Vulnerability

When Vista checks the format of a cursor, animated cursor, or icon, it was incorrectly validating them which allowed a specially crafted file to be executed, which could result in an attacker gaining complete control of the system. The problem isn’t limited to the .ani ‘animated cursor’ file type that this vulnerability’s name was based on. This vulnerability could be exploited through viewing this malicious file through a web page or e-mail page, earning it a Critical status.

GDI Incorrect Parameter Local Elevation of Privilege Vulnerability

When any program renders an image, it passes color information to an unchecked buffer causing the GDI to allow an elevation of privileges. The vulnerability could result in an attacker having full control of the computer, but was only given an Important rating since the attacker would have to have the ability to logon locally and run a program.