Microsoft readies emergency patch for Shortcut zero-day flaw

Filed Under: Malware, Microsoft, Vulnerability

Updated Good news from Microsoft. It has announced that it plans to release an emergency out-of-band update to patch a critical Windows security vulnerability that is being actively exploited by malware.

The so-called Shortcut exploit is being exploited by specially crafted shortcut (.LNK) files that point to malicious code and trick Windows into executing it without user interaction.

Malware exploiting the vulnerability have included Stuxnet, Chymin and Dulkis, Zbot, and - most recently - Sality.

"In the past few days, we've seen an increase in attempts to exploit the vulnerability. We firmly believe that releasing the update out of band is the best thing to do to help protect our customers," Christopher Budd, Senior Security Response Communications Manager at Microsoft, wrote on the MSRC blog.

Microsoft normally publishes its security patches on the second Tuesday of each month, but this one is scheduled to be released today (Monday, August 2 2010) at 10am PST (1800 BST).

Whenever Microsoft releases an out-of-band patch it's a big deal - they clearly think it's an important enough issue to break their regular cycle and you should pay attention too. We would recommend that computer users apply the patch as soon as possible.

As Microsoft is issuing a permanent patch for the shortcut vulnerability, we would recommend that users uninstall the Sophos Windows Shortcut Exploit Protection Tool before applying the Microsoft fix.

Update Microsoft's patch is now available for download. Read Microsoft Security Bulletin MS10-046 on their website for further information.

Of course, the patch does not work on Windows XP SP2 and earlier, which is no longer supported by Microsoft.

* Image source: Chris Violette's Flickr Photostream (Creative Commons)


You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley