July 31, 2010, 12:07AM
Microsoft to Issue Emergency Patch for Critical Windows Flaw
5 Comments
Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware.
The advance notification from Microsoft on Friday said that the company is patching a critical vulnerability that is being actively exploited in the wild and affects all supported Windows platforms. The LNK flaw in the Windows shell was first identified earlier this month when researchers discovered the Stuxnet worm spreading from infected USB drives to PCs. Stuxnet has turned out to be a rather interesting piece of malware as it not only uses the LNK zero day vulnerability to spread, but it had components that were signed using a legitimate digital certificate belonging to Realtek, a Taiwanese hardware manufacturer.
Stuxnet also includes an exploit for a previously unknown vulnerability in a popular piece of SCADA software called WinCC, manufactured by Siemens.
Editor's Pick
"The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is currently being exploited in malware attacks," Microsoft said in its advisory.
Within a week or so of the identification of the LNK vulnerability and the emergence of Stuxnet, researchers began seeing new pieces of malware showing up that exploit the flaw. One of these was dubbed Chymine and exploited the LNK flaw and then attempted to connect to a remote server and download a keylogger.
Microsoft has been careful about using its out-of-band patching process in the past few years, but it has shown that it has the ability to push out an emergency fix within a couple of weeks when necessary. And with a number of active exploits ongoing against the LNK flaw, this looks like one of those cases.
Commenting on this Article is closed.
Today's Most Popular
- Common Firewall Feature Enables TCP Hijacking Attacks
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
- Facebook Cancellation Malware Disguised As Adobe Update Making Rounds
- How to Break Google Chrome in Six Easy Steps
- OPINION: Are Anonymous Members Forged in the Crucible of IT Compliance?
Most Commented Stories
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
20%
Only connect to password-protected, secure connections
38%
Only use websites with HTTPS
28%
I don’t pay attention to how I access the internet while traveling
14%
Total votes: 65
Follow Threatpost
 |  |  |  |
| Tumblr |
Comments
It's nice to know these things. Computers don't have "back doors". If there's a door, it's because someone put it there.
Lies and slander. You're definitly not a programmer!
Yes, not a programmer at all.
A programmer would say "What F*%#^n S*#t Code".
Good ol Bill made biggest ever donation to charity that the world has known, salad.
Sometimes I wish there was a virus that would just blow my pc to tiny little pieces