So you thought insecure animated cursors was bad?

Well, it was (and is if you haven't patched) but how about error messages? The latest round of patches from Microsoft fixed a security hole in that lets crackers locally and remotely exploit error message handling:

A remote code execution vulnerability exists in the Windows Client/Server Run-time Subsystem (CSRSS) process because of the way that it handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution.

Additionally, if a user viewed a specially crafted Web site, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

The vulnerability is marked as Critical across all supported versions of Windows, including Vista.

CSRSS seems to be part of the Terminal Services stuff in Windows - The Client-Server Runtime Subsystem is the process and thread manager for all logon sessions.

What next...