July 31, 2010, 12:07AM

Microsoft to Issue Emergency Patch for Critical Windows Flaw

Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware.

The advance notification from Microsoft on Friday said that the company is patching a critical vulnerability that is being actively exploited in the wild and affects all supported Windows platforms. The LNK flaw in the Windows shell was first identified earlier this month when researchers discovered the Stuxnet worm spreading from infected USB drives to PCs. Stuxnet has turned out to be a rather interesting piece of malware, as it not only uses the LNK zero-day vulnerability to spread, but also had components that were signed using a legitimate digital certificate belonging to Realtek, a Taiwanese hardware manufacturer.

Stuxnet also includes an exploit for a previously unknown vulnerability in a popular piece of SCADA software called WinCC, manufactured by Siemens.

"The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is currently being exploited in malware attacks," Microsoft said in its advisory.

Within a week or so of the identification of the LNK vulnerability and the emergence of Stuxnet, researchers began seeing new pieces of malware that exploit the flaw. One of these, dubbed Chymine, exploited the LNK flaw and then attempted to connect to a remote server and download a keylogger.

Microsoft has been careful about using its out-of-band patching process in the past few years, but it has shown that it has the ability to push out an emergency fix within a couple of weeks when necessary. And with a number of active exploits ongoing against the LNK flaw, this looks like one of those cases.


Comments

It's nice to know these things. Computers don't have "back doors". If there's a door, it's because someone put it there.

Lies and slander. You're definitely not a programmer!

Yes, not a programmer at all.

A programmer would say "What F*%#^n S*#t Code".

Good ol Bill made biggest ever donation to charity that the world has known, salad.

Despite the arguably crap code that we do find from time to time, it is important to remember that were it not for Microsoft we would all be using $5000 desktop computers with $3000 worth of software on them. Competition is a good thing.

Sometimes I wish there was a virus that would just blow my pc to tiny little pieces

Copyright © 2010 threatpost.com