Microsoft releases emergency patch for Windows flaw

Marcia Savage

As expected, Microsoft on Monday released an emergency update to fix a Windows flaw that attackers have been actively exploiting.

The software giant announced Friday that it would release a fix for the zero-day vulnerability out of its normal patching schedule due to increased malware attacks. Microsoft rated the update as critical.

"This security update addresses a vulnerability in the handling of shortcuts that affects all currently supported versions of Windows XP, Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2," Christopher Budd, Microsoft senior security response communications manager, wrote in a blog post.

The company issued an advisory July 16 about the Windows Shell vulnerability, which allows attackers to execute malicious code when a shortcut icon is displayed. According to Microsoft, an attack can be carried out via a USB drive, remotely through network shares and WebDAV, or in specific document types that support embedded shortcuts.

On Friday, the Microsoft Malware Protection Center reported that a malware strain called Sality is exploiting the vulnerability on a widespread basis. Other threats exploiting the flaw include Stuxnet, a worm that uses the Windows vulnerability to target Siemens SCADA system software.

Budd said customers not using automatic updates should download, test and deploy Monday's update as soon as possible.

Jason Miller, data and security team leader at Minneapolis-based Shavlik Technologies LLC, said it's not uncommon for Microsoft to release out-of-band updates -- fixes outside of its usual monthly patching schedule -- but Monday's update is surprising in that it comes so close to next week's Patch Tuesday.

"If Microsoft is prompting an out-of-band on this, you should be patching this one pretty soon," he said in an interview. "I probably wouldn't wait until the next maintenance cycle, but a lot of organizations can't have downtime that's not on their maintenance window, so they could be waiting until the next Patch Tuesday."

Miller described the Sality malware as fairly nasty. "If it gets on your system, it's hard to clean up," he said. Researchers at Sophos Plc. recently posted an analysis of the Sality malware.

