Another 3rd party patch for the Windows ANI vulnerability
This came from email@example.com:
We have made an emergent patch of 「Microsoft Security Advisory (935423)」. X-Solve is an information security company from Taiwan.
This patch program will install an API-Hooking DLL which protects unsafe API from the 0day exploit.
Please read following texts carefully before your next step. Make sure that you totally understand the related issues and risks or do not use this patch.
This patch is an emergent fix, since Microsoft(C) hasn’t provided an official solution until now. Once you use this patch we will install a file named PatchAni.dll into your system to fix the bugged Windows API. We take a different method with eEye, not just check the path of a file, but analyze the file format and fix the bug at very original source.
Again, this patch is an emergent fix made by X-Solve team, not from Microsoft(C) official site. If you have any other considerations, we do not suggest you to use this software. You still can wait Microsoft(C) to provide an official solution.
Note. It is recommanded to remove this patch if Microsoft(C) provides official solution in the future.
Download the patch for vulnerability#935423 (English Version)
X-Solve Lab, 2007.3.31
More information here .
And in pure coincidence, totally unrelated to the patches from eEye, ZERT and now X-Solve, Microsoft will be releasing the official patch earlier.
I give the “Microsoft Tuesday” initiative another year or so before it collapses under the pressure of 3rd party patches.