Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Data Security / Emergency MS Patch Fixes Shortcuts
Emergency Patch Fixes Windows Shortcut Vulnerability
Emergency Patch Fixes Windows Shortcut Vulnerability
By Mike Kent / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
02
2010
Microsoft has rushed out a patch to correct the way Windows parses shortcuts, a vulnerability we reported two weeks ago. Hackers have been exploiting the bug, which Microsoft had warned was most likely to be spread by removable drives when AutoPlay was not disabled.

While the patch, rated critical, fixes currently supported Windows operating systems, Windows XP SP2 and Windows 2000 were not included. Those versions have reached their end of life, although many systems are still using them. The patch can be applied with the Microsoft Update and Windows Update services.

Already Being Exploited

In mid-July, Microsoft admitted vulnerability was being exploited by the Stuxnet worm. That virus targets industrial control systems usually referred to as supervisory control and data-acquisition systems, or SCADA. On Friday, Microsoft said Sality malware was also using the vulnerability.

While Windows 7 automatically disables AutoPlay for removable drives, Microsoft had suggested a workaround of disabling icons for shortcuts, which could create problems in a visual user interface. Microsoft had also suggested disabling the WebClient service used by WebDAV, but that hampered SharePoint users.

Microsoft's MS-10-046 bulletin says the problem was fixed by "correctly validating the icon reference of a shortcut." The software giant advised users to undo the workaround of disabling shortcuts after the patch, but some web posts advised that step needs to be taken before the shortcut is applied.

The patch creates a new version of Shell32.dll, a crucial Windows library file. If incorrectly updated on some machines, some PCs could lock up.

All Supported Windows Versions

Chester Wisniewski of the Sophos security firm said the vulnerability involves how Shell32.dll attempts to load control-panel icons from applets. If a specially made shortcut points to a malicious file, Windows Explorer will execute it simply by browsing to the location.

The shortcut vulnerability affects all currently supported Windows versions. These include XP Service Pack 3, XP Pro x64 Edition Service Pack 2, Server 2003 Service Pack 2, Server 2003 x64 Edition Service Pack 2, Server 2003 with SP2 for Itanium-based Systems, Vista Service Pack 1 and Service Pack 2, Vista x64 Edition Service Pack 1 and Service Pack 2, Server 2008 for 32-bit Systems and Server 2008 for 32-bit Systems Service Pack 2, Server 2008 for x64-based Systems and Server 2008 for x64-based Systems Service Pack 2, Server 2008 for Itanium-based Systems and Server 2008 for Itanium-based Systems Service Pack 2, Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Server 2008 R2 for x64-based Systems, and Server 2008 R2 for Itanium-based Systems.

Monday's emergency patch release was unusual with the August Patch Tuesday just a week away.

Tell Us What You Think
Comment:

Name:

AnneKD:
Posted: 2010-08-03 @ 7:24am PT
Endless reboot loop on x64 Windows 7. I had to use system restore too.

berto m:
Posted: 2010-08-03 @ 2:34am PT
mine locked up, had to use system restore off the windows recovery disk

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY

NETWORK SECURITY SPOTLIGHT
A security researcher has found that hundreds of different models of HP notebooks, tablets, and other devices include a keylogger that could track and record every keystroke a user makes.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.