Is nothing secure any more?

That was the question in my mind this morning, as I woke up XP and found that Windows Update had downloaded some patches overnight.

The details for the patches are available from Microsoft here, but check this out...

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons...

All versions of Windows are affected, with Windows 2000 the hardest and Vista the least - so get patching.

Speaking of security, I note that a new Stration worm variant is being emailed out at the moment. NOD32 identifies it as Win32/Stration.XW. I got two samples in that usual, idiotic "Mail Server Report - install this Update" social engineering style message. Keep your antivirus up-to-date and don't shoot yourself in the foot by running untrusted attachments, mmkay?