Microsoft readies emergency patch for Shortcut zero-day flaw

Updated: Good news from Microsoft. It has announced that it plans to release an emergency out-of-band update to patch a critical Windows security vulnerability that is being actively exploited by malware.

The so-called Shortcut exploit uses specially crafted shortcut (.LNK) files that point to malicious code and trick Windows into executing it without user interaction.

Malware exploiting the vulnerability has included Stuxnet, Chymin and Dulkis, Zbot, and - most recently - Sality.

"In the past few days, we've seen an increase in attempts to exploit the vulnerability. We firmly believe that releasing the update out of band is the best thing to do to help protect our customers," Christopher Budd, Senior Security Response Communications Manager at Microsoft, wrote on the MSRC blog.

Microsoft normally publishes its security patches on the second Tuesday of each month, but this one is scheduled to be released today (Monday, August 2 2010) at 10am PST (1800 BST).

Whenever Microsoft releases an out-of-band patch it's a big deal - they clearly think it's an important enough issue to break their regular cycle and you should pay attention too. We would recommend that computer users apply the patch as soon as possible.

As Microsoft is issuing a permanent patch for the shortcut vulnerability, we would recommend that users uninstall the Sophos Windows Shortcut Exploit Protection Tool before applying the Microsoft fix.

Update: Microsoft's patch is now available for download. Read Microsoft Security Bulletin MS10-046 on their website for further information.

Of course, the patch does not work on Windows XP SP2 and earlier, which are no longer supported by Microsoft.

* Image source: Chris Violette's Flickr Photostream (Creative Commons)


About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.