Lessons Learned from the Animated Cursor bug


I just posted an analysis over on the SDL blog of the lessons we learned from the recent animated curser (ANI) bug.

Comments (4)

  1. orcmid says:

    That’s a great kick-off.  I look forward to that setting the tone of the SDL blog.

    Impressive work.

  2. Mark Sowul says:

    One thing that I find disappointing is that most security bulletins don’t mention whether DEP prevents the exploit.  I have DEP enabled by default (OptOut) and so should be immune from most of the stack-based overflows, but often need to consult 3rd-party information to determine whether I am protected from a given exploit.

  3. jeanne pambrun says:

    I’m haveing a problem with the security on my computer.It will not let me download and I cannot right click to copy ect.  Yahoo.ca have covered my explorer icon and I cannot know what to do.I read their solving and it say it has to do with XP 2. Please assist if you can. Thank for reading this.

    Sincerely Jeanne

  4. I join to Mark Sowul’s comment that nothing is said about DEP in security buletins.