Issue:

A serious new Internet attack affecting Internet Explorer 6 and 7 (and Outlook 2002 and later on Windows XP SP2) is underway. If you simply view a Web site or HTML e-mail that's been laced with a poisoned animated cursor file (.ani), an attacker can take over your computer. No patch is available yet.

Belief:

Microsoft says to read all e-mail in plain text rather than HTML, and lists no help for IE. For Vista, Microsoft says that IE 7's protected mode will defend against this attack in the new OS. Outlook 2007 isn't affected because it uses Word to display e-mail by default. Until there is a fix or at least a temporary workaround, use an alternate browser such as Firefox or Opera, and turn off HTML e-mail viewing in Outlook.