Nice info, except that the patch isn't there and there isn't any information on Microsoft at all regarding a MS07-17 download or a patch in Windows Update for ANI Zero-day.

Are you sure you got this one right?

This vulnerability was not "discovered last week". Looking at an article on your own website (http://securitywatch.eweek.com/exploits_and_attacks/ani_zero_day_takes_new_turns_to_the_ubernasty.html?kc=EWNAVEMNL040207EOAD)
notes that "Microsoft was first alerted to the Windows animated cursor vulnerability on Dec. 20 by a security researcher at Determina."

So they've been sitting on it for over 3 months, and are only now getting around to it 'cause it's so nasty. In the meantime, it took M$ a mere 3 days to respond to the first DRM crack (http://www.schneier.com/essay-126.html)

Who does M$ look out for?
Itself-obviously.

There are NO critical updates available on MS Update site right now

We have been waiting for this patch; you say it's out ? Where ?

I checked the history of my downloads, and do not see MS07-17, and am wondering if it is on my computer. There was a download came in yesterday while I was in here, but it had a different number. Can you tell me anything about it, or what I should look for. Thank you.

Marjorie Miller