Microsoft issued a Security Advisory about targeted attacks exploiting a vulnerability in the way Windows handles animated cursor (.ani) files.
We have reports of ANI file exploited and hosted on some of the sites. Added the detection of vulnerable ANI files as Exploit.MS05-002 in today’s update (30-03-2007)
In order for this attack to be carried out, a user must either visit a web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.
Users should always exercise extreme caution when opening or viewing unsolicited emails and email attachments from both known and unknown sources.