Microsoft readies emergency patch for Shortcut zero-day flaw

by Graham Cluley on August 2, 2010 | Leave a comment

Filed Under: Malware, Vulnerability

Emergency
Updated Good news from Microsoft. It has announced that it plans to release an emergency out-of-band update to patch a critical Windows security vulnerability that is being actively exploited by malware.

The so-called Shortcut exploit is being exploited by specially crafted shortcut (.LNK) files that point to malicious code and trick Windows into executing it without user interaction.

Malware exploiting the vulnerability have included Stuxnet, Chymin and Dulkis, Zbot, and - most recently - Sality.

"In the past few days, we've seen an increase in attempts to exploit the vulnerability. We firmly believe that releasing the update out of band is the best thing to do to help protect our customers," Christopher Budd, Senior Security Response Communications Manager at Microsoft, wrote on the MSRC blog.

Microsoft normally publishes its security patches on the second Tuesday of each month, but this one is scheduled to be released today (Monday, August 2 2010) at 10am PST (1800 BST).

Whenever Microsoft releases an out-of-band patch it's a big deal - they clearly think it's an important enough issue to break their regular cycle and you should pay attention too. We would recommend that computer users apply the patch as soon as possible.

As Microsoft is issuing a permanent patch for the shortcut vulnerability, we would recommend that users uninstall the Sophos Windows Shortcut Exploit Protection Tool before applying the Microsoft fix.

Update Microsoft's patch is now available for download. Read Microsoft Security Bulletin MS10-046 on their website for further information.

Of course, the patch does not work on Windows XP SP2 and earlier, which is no longer supported by Microsoft.

* Image source: Chris Violette's Flickr Photostream (Creative Commons)

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.