Windows Shortcut Flaw To Get Patch on Monday

Microsoft plans to release a patch on Monday Aug. 2 for a zero-day Windows shell vulnerability that can spread malware through shortcut files.

The company released an advance notice today about the out-of-band security bulletin to come, describing it as a "critical" patch for all supported Windows systems. Critical security bulletins address "a vulnerability whose exploitation could allow the propagation of an Internet worm without user action," according to Microsoft's definition.

Today's advance notice also indicated it was critical to patch Windows XP Professional x64 Service Pack 2. Microsoft ended patch support for Windows XP SP2 on July 13, so it seems a patch will not arrive for this unsupported operating system. Users of this OS have to seek custom support from Microsoft if they can't move off it.

The Windows Shell exploit uses shortcuts to programs on the Windows desktop, which are enabled by. LNK files. Typically, the exploit is distributed through the use of infected USB drives but users don't have to click on the shortcuts for the malware to spread. The infected shortcut files drop malware in Windows systems.

In a blog post, Microsoft explained that it has completed the necessary testing to release the patch, which is needed to battle a growth in Windows Shell exploits. Attacks have increased since Microsoft announced a security advisory about the Windows Shell flaw on July 16.

Earlier, Microsoft had associated the exploit with the Stuxnet worm, and later with the Chymine family of trojan droppers. Microsoft is now saying that the "highly virulent" Sality.AT malware dropper has taken the lead in exploiting the Windows Shell flaw. Since Sality.AT is active in Brazil, that county has seen a greater number of attacks trying to exploit the flaw.

Some software security firms, such as Sophos and G Data, have offered free workaround tools, but the tools apparently do not remove existing contaminations that might reside on a user's desktop. For that, users need antivirus software that can detect the malware. Microsoft also recommends a "Fix it" workaround that disables shortcuts.

The out-of-band patch for the Windows Shell vulnerability will be arriving shortly before Microsoft's August security update. That update is scheduled to appear on Aug. 10, which will be "Patch Tuesday" for the month.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Sign

    2018 Microsoft Predictions Revisited

    From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.

  • Microsoft Recaps Delivery Optimization Bandwidth Controls for Organizations

    Microsoft expects organizations using its Delivery Optimization peer-to-peer update scheme will optimally see 60 percent to 70 percent improvements in terms of network bandwidth use.

  • Getting a Handle on Hyper-V Virtual NICs

    Hyper-V usually makes it easy to configure virtual network adapters within VMs. That is, until you need to create a VM containing multiple virtual NICs.

  • Microsoft Highlights Emerging Kubernetes Scalability and Governance Efforts

    Microsoft this week highlighted some emerging efforts to improve both the scalability and governance of the open source Kubernetes container orchestration service.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.