News

Windows Shortcut Flaw To Get Patch on Monday

Microsoft plans to release a patch on Monday Aug. 2 for a zero-day Windows shell vulnerability that can spread malware through shortcut files.

The company released an advance notice today about the out-of-band security bulletin to come, describing it as a "critical" patch for all supported Windows systems. Critical security bulletins address "a vulnerability whose exploitation could allow the propagation of an Internet worm without user action," according to Microsoft's definition.

Today's advance notice also indicated it was critical to patch Windows XP Professional x64 Service Pack 2. Microsoft ended patch support for Windows XP SP2 on July 13, so it seems a patch will not arrive for this unsupported operating system. Users of this OS have to seek custom support from Microsoft if they can't move off it.

The Windows Shell exploit uses shortcuts to programs on the Windows desktop, which are enabled by. LNK files. Typically, the exploit is distributed through the use of infected USB drives but users don't have to click on the shortcuts for the malware to spread. The infected shortcut files drop malware in Windows systems.

In a blog post, Microsoft explained that it has completed the necessary testing to release the patch, which is needed to battle a growth in Windows Shell exploits. Attacks have increased since Microsoft announced a security advisory about the Windows Shell flaw on July 16.

Earlier, Microsoft had associated the exploit with the Stuxnet worm, and later with the Chymine family of trojan droppers. Microsoft is now saying that the "highly virulent" Sality.AT malware dropper has taken the lead in exploiting the Windows Shell flaw. Since Sality.AT is active in Brazil, that county has seen a greater number of attacks trying to exploit the flaw.

Some software security firms, such as Sophos and G Data, have offered free workaround tools, but the tools apparently do not remove existing contaminations that might reside on a user's desktop. For that, users need antivirus software that can detect the malware. Microsoft also recommends a "Fix it" workaround that disables shortcuts.

The out-of-band patch for the Windows Shell vulnerability will be arriving shortly before Microsoft's August security update. That update is scheduled to appear on Aug. 10, which will be "Patch Tuesday" for the month.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Adds 6 More Months to Expiring Certification Programs

    Microsoft has announced an extension to the end date of three certification programs slated for retirement.

  • Microsoft's Surface Pro X: It's Like the Surface RT, But Better

    There's a lot about the Surface Pro X that's reminiscent of the ill-fated Surface RT. But despite the similarities, this might just be one of the rare cases where the sequel is better than the original.

  • Q&A: The Challenges of Securing All Those Newly Remote Workers

    Security expert Dale Meredith identifies cybersecurity challenges, best practices and major concerns resulting from all the employees forced into home offices by COVID-19.

  • Astronaut Survival Training: A Crash Course in Sea Survival

    Lots of things can go wrong during a commercial spaceflight -- especially once your capsule leaves space. An unplanned ocean landing is just one of those worst-case scenarios.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.