With active attacks taking advantage of a .ANI file vulnerability affecting Windows operating systems up through Windows Vista, Microsoft has prepared and released a patch, MS07-17, ahead of its regularly scheduled Patch Tuesday next week.
Internetnews.com reports this morning that the attacks are coming out of China and seem to be targeting the online credentials of online game players. An Australian IT piece reports that the main target may be the game World of Warcraft; hackers can sell virtual items within the game with the stolen IDs. The hack, of course, could expand beyond games to other, more enterprise-relevant vectors.
An iDefense VeriSign exec says in the internetnews.com piece that the problem will turn out to be one of the most significant threats seen for several years.