Microsoft to release emergency security fix

Warwick Ashford

Microsoft plans to release an emergency security update for Windows today to patch a recently reported vulnerability in the way the operating system creates desktop shortcuts.

The out-of-band release will prevent Windows from allowing malicious code to be executed when the icon of a specially crafted shortcut is displayed.

The software developer decided to release a patch before the monthly Patch Tuesday update on 10 August after finding evidence that the vulnerability was being exploited.

Multiple techniques to exploit the vulnerability are appearing on the internet, according to the Microsoft Malware Protection Centre (MPC).

Researchers said a variant of the Sality family of viruses that exploits the vulnerability is particularly virulent.

Sality.AT is known to infect other files, which makes full removal after infection challenging. It then copies itself to removable media, disables security and then downloads other malware.

With the release of Sality.AT, developers of other virus families will likely move quickly to copy the technique to target the same vulnerability, the MPC said.

Most versions of Windows are affected, including Windows 7, XP, Server 2003, Vista and Server 2008.

Microsoft has published a detailed list of vulnerable software in a security advisory.

This is one of the worst vulnerabilities the security community has seen in a long while, said Ondrej Vlcek, chief technology officer of security firm Avast Software.

The vulnerability being exploited is not a bug, but a design feature that many hardware suppliers rely on to make their products work with Windows, he said.

"For this reason, merely blocking this feature is not a viable mitigation strategy," said Vlcek.

All Windows users should ensure their systems are patched as exploits of this vulnerability are able to do "just about anything", and can be carried out via e-mailed hyperlinks, torrents or website drive-by download attacks, he said.

