Microsoft has rushed out a patch to correct the way Windows parses shortcuts, a vulnerability we reported two weeks ago. Hackers have been exploiting the bug, which Microsoft had warned was most likely to be spread by removable drives when AutoPlay was not disabled.
While the patch, rated critical, fixes currently supported Windows operating systems, Windows XP SP2 and Windows 2000 were not included. Those versions have reached their end of life, although many systems are still using them. The patch can be applied with the Microsoft Update and Windows Update services.
Already Being Exploited
In mid-July, Microsoft admitted the vulnerability was being exploited by the Stuxnet worm. That worm targets industrial control systems, usually referred to as supervisory control and data acquisition (SCADA) systems. On Friday, Microsoft said Sality malware was also using the vulnerability.
While Windows 7 automatically disables AutoPlay for removable drives, Microsoft had suggested a workaround of disabling icons for shortcuts, which could create problems in a visual user interface. Microsoft had also suggested disabling the WebClient service used by WebDAV, but that hampered SharePoint users.
Microsoft's MS10-046 bulletin says the problem was fixed by "correctly validating the icon reference of a shortcut." The software giant advised users to undo the workaround of disabling shortcut icons after the patch, but some web posts advised that the step needs to be taken before the patch is applied.
The patch installs a new version of Shell32.dll, a crucial Windows library file. If the file is updated incorrectly, some PCs could lock up.
All Supported Windows Versions
Chester Wisniewski of the Sophos security firm said the vulnerability involves how Shell32.dll attempts to load control-panel icons from applets. If a specially made shortcut points to a malicious file, Windows Explorer will execute it simply by browsing to the location.
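A triage check for the behaviour Wisniewski describes, added here as an example and not taken from Microsoft, Sophos or the original article: it parses a .lnk file's target ID list and flags shortcuts whose target sits inside the Control Panel folder. The header layout follows the published MS-SHLLINK format; treating a Control Panel child target as the indicator is an assumption drawn from the description above, and `build_sample` only constructs test input.

```python
import struct
import uuid

HEADER_SIZE = 0x4C                      # fixed ShellLinkHeader size (MS-SHLLINK)
LINK_CLSID = uuid.UUID("00021401-0000-0000-C000-000000000046").bytes_le
HAS_LINK_TARGET_IDLIST = 0x1            # LinkFlags bit 0
# Shell namespace CLSID of the Control Panel folder, as stored on disk.
CONTROL_PANEL = uuid.UUID("21EC2020-3AEA-1069-A2DD-08002B30309D").bytes_le


def id_list_items(data: bytes) -> list:
    """Return the ItemID payloads from a .lnk file's LinkTargetIDList."""
    if len(data) < HEADER_SIZE:
        raise ValueError("truncated header")
    size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if size != HEADER_SIZE or clsid != LINK_CLSID:
        raise ValueError("not a shell link")
    if not flags & HAS_LINK_TARGET_IDLIST:
        return []
    if len(data) < HEADER_SIZE + 2:
        raise ValueError("truncated IDList")
    (list_size,) = struct.unpack_from("<H", data, HEADER_SIZE)
    pos, end = HEADER_SIZE + 2, HEADER_SIZE + 2 + list_size
    if end > len(data):
        raise ValueError("IDList runs past end of file")
    items = []
    while pos + 2 <= end:
        (cb,) = struct.unpack_from("<H", data, pos)
        if cb == 0:                     # TerminalID closes the list
            break
        if cb < 2 or pos + cb > end:
            raise ValueError("bad ItemID size")
        items.append(data[pos + 2:pos + cb])
        pos += cb
    return items


def needs_review(data: bytes) -> bool:
    """True if the target is an item inside the Control Panel folder."""
    items = id_list_items(data)
    # Only non-final items count: the shortcut must descend *below* the folder.
    return any(CONTROL_PANEL in item for item in items[:-1])


def build_sample(items) -> bytes:
    """Constructed test input: minimal header plus the given ItemID payloads."""
    header = struct.pack("<I16sI", HEADER_SIZE, LINK_CLSID, 1).ljust(HEADER_SIZE, b"\0")
    body = b"".join(struct.pack("<H", len(i) + 2) + i for i in items) + b"\0\0"
    return header + struct.pack("<H", len(body)) + body
```

Legitimate shortcuts to Control Panel applets match as well, so a hit on a removable drive or network share is a reason to inspect the file, not a verdict.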
The shortcut vulnerability affects all currently supported Windows versions. These include XP Service Pack 3, XP Pro x64 Edition Service Pack 2, Server 2003 Service Pack 2, Server 2003 x64 Edition Service Pack 2, Server 2003 with SP2 for Itanium-based Systems, Vista Service Pack 1 and Service Pack 2, Vista x64 Edition Service Pack 1 and Service Pack 2, Server 2008 for 32-bit Systems and Server 2008 for 32-bit Systems Service Pack 2, Server 2008 for x64-based Systems and Server 2008 for x64-based Systems Service Pack 2, Server 2008 for Itanium-based Systems and Server 2008 for Itanium-based Systems Service Pack 2, Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Server 2008 R2 for x64-based Systems, and Server 2008 R2 for Itanium-based Systems.
Monday's emergency patch release was unusual, with the August Patch Tuesday just a week away.
Posted: 2010-08-03 @ 7:24am PT
Endless reboot loop on x64 Windows 7. I had to use system restore too.
Posted: 2010-08-03 @ 2:34am PT
Mine locked up, had to use System Restore off the Windows recovery disk.