The unofficial temporary patch, published early Friday, fixes a bug in the way Windows processes Animated Cursor files, which are used to create cartoon-like cursors in Windows. Security researchers at McAfee first reported the bug on Wednesday evening, saying that it has been used in Web-based attacks.
Microsoft has said that it will eventually fix the problem and it generally recommends that users avoid this type of third-party fix for its products. But in the past, similar patches from eEye and others have been downloaded by tens of thousands of Windows users, unwilling to wait for Microsoft’s updates.
Microsoft’s next set of security patches are due April 10, but the software giant has not said whether or not that release will include a fix for the Animated Cursor problem.