As I have predicted vista will be the biggest target ever
for all kinds of attacks. It will be brought down to its knees
by the hackers. Why? Well because MS boasted about it being secure... and
everyone knows that this is a lie.
Now all the hackers have to do is play! Although I wish no harm to anyone...
vista needs a good smack-down to show
the world what a piece of crap it really is. MS has the NERVE to CLAIM that
vista is more secure than linux or Macs...
ohhh their asking for it BIG TIME!

see a video here of the .ani attack (this effects all versions of windows,
but I thought vista was secure.. what the heck is UAC doing? sleeping? )

http://www.youtube.com/watch?v=hf0S0Vk7j6I

see article here:

March 30, 2007
Follow-up: Vista vulnerable to animated cursor flaw
On Thursday, I posted an item about a flaw in Internet Explorer 6 and 7
related to the way those browsers in Windows XP Service Pack 2 handle
animated cursors. At the time, the word was that it would not affect IE7 on
Windows Vista because of that browser's Protected Mode, which isolates it
from the operating system.

However, apparently IE need not be involved at all. Just the way Windows
handles animated cursors leaves the operating system vulnerable. Drag a
malicious animated cursor file (.ani) to the Vista desktop and . . .

Well, see for yourself, courtesy of this video by McAfee's Craig Schmugar:

Yes, what you're watching is an endless loop of Windows Explorer crashing
and restarting, over and over. In its security bulletin on the flaw,
Microsoft mentions that one way to spread this would be via e-mail. Indeed,
an e-mail attachment saved to the desktop would be just the thing to kick
off this crash-restore cycle.

It will be interesting to see how fast Microsoft patches this vulnerability.

Update: Security firm eEye has issued a third-party patch for the flaw. Use
it at your own risk.

Update 2.0: Microsoft -- Attacks on Windows Flaw Rise