Microsoft rushes out patch for critical shortcut flaw

By on August 2, 2010, 1:58 PM
Microsoft issued an out-of-band patch today to address rising attacks against a critical Windows vulnerability discovered last month. The flaw in question involves the code that processes shortcut files ending in ".lnk" and allows malicious users to embed commands in shortcuts that are executed when the file is run. Making matters worse, every version of Windows is vulnerable, and the flaw is being used to spread a particularly nasty virus dubbed Sality.

According to a notice on the Microsoft Malware Protection Center, "Sality is a highly virulent strain [] known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. It is also a very large family -- one of the most prevalent families this year." The fact that autorun can be used to start an attack process has helped this virus spread very fast.

The ~7MB patch went live a few moments ago, so it would be wise to check Windows Update to stay on the safe side. The update comes just over a week ahead of the regularly scheduled Patch Tuesday for the month of August.
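
One way to confirm the update is actually present on a set of machines, using the update ID KB2286198 quoted in the comments on this page. This is an added example, not part of the original article; the host list is a placeholder and the script assumes PowerShell 3.0 or later.

```powershell
# Added example: report whether the out-of-band shortcut (.lnk) fix is recorded
# as installed. KB2286198 is the update ID quoted in the comments on this page.
$KbId = 'KB2286198'

# Placeholder host list (assumption): replace with your own inventory.
$Computers = @($env:COMPUTERNAME)

$report = foreach ($computer in $Computers) {
    try {
        # Get-HotFix reads Win32_QuickFixEngineering. -ErrorAction Stop turns a
        # failed connection into an exception, so an unreachable host is never
        # reported as "Missing".
        $fix = Get-HotFix -ComputerName $computer -ErrorAction Stop |
            Where-Object { $_.HotFixID -eq $KbId } |
            Select-Object -First 1

        [pscustomobject]@{
            Computer    = $computer
            Status      = if ($fix) { 'Installed' } else { 'Missing' }
            InstalledOn = if ($fix) { $fix.InstalledOn } else { $null }
        }
    }
    catch {
        [pscustomobject]@{
            Computer    = $computer
            Status      = 'Unreachable'
            InstalledOn = $null
        }
    }
}

# "Missing" only means no entry with that ID was returned for the host.
$report | Sort-Object Status, Computer | Format-Table -AutoSize
```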

dustin_ds3000, TechSpot Chancellor, said:

I just installed the new patch for Windows 7 64 bit. No problems after reboot.

poundsmack said:

Sality is one of the worst viruses you can get in an enterprise/company environment. It is a never-ending battle if you have more than 100 computers and older servers. *shudder*

motrin said:

Also worked for me, Win 7 64 bit.

poundsmack said:

Maybe I am not seeing it, but where is the link to the XP patch? The most recent one I can find on their site is KB2286198 and I am not sure if that's it.

motrin said:

poundsmack said:

Maybe I am not seeing it, but where is the link to the XP patch? The most recent one I can find on their site is KB2286198 and I am not sure if that's it.

Oh, but it is. Have a read.

Security Update for Windows 7 for x64-based Systems (KB2286198)

Installation date: 8/2/2010 1:00 PM

Installation status: Successful

Update type: Important

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.

More information:

http://go.microsoft.com/fwlink/?LinkID=197393

Help and Support:

http://support.microsoft.com

poundsmack said:

Ah, so it is. Good.

Leeky said:

I've just made sure I've updated too.

Thanks for the heads up Jos!

Guest said:

Just followed the linkage for this back to Microsoft and the file downloaded is only ~4.5MB, not ~7MB as in the article above... is this the correct patch? It is called Windows6.1-KB2286198-x86.msu.

Leeky said:

The KB number looks correct to me.

Guest said:

Cheers Leeky, will give it a go!

Staff
Per Hansson, TS Server Guru, said:

Guest, to satisfy your curiosity on the patch filesize:

Windows XP SP3 = 2.9MB

Windows Server 2003 SP2 = 2.9MB

Windows XP x64 SP2 & Server 2003 x64 SP2 = 11.8MB

Windows Server 2003 with SP2 for Itanium = 13.4MB

Windows Vista SP1 & SP2 = 4.3MB

Windows Server 2008 SP1 & SP2 = 4.3MB

Windows Server 2008 x64 SP1 & SP2 = 6.7MB

Windows Server 2008 SP1 & SP2 for Itanium = 8.0MB

Windows Vista x64 SP1 & SP2 = 6.7MB

Windows 7 = 4.4MB

Windows 7 x64 = 6.7MB

Windows Server 2008 R2 = 6.7MB

Windows Server 2008 R2 = 17.1MB

Lamberty said:

poundsmack said:

Sality is one of the worst viruses you can get in an enterprise/company environment. It is a never-ending battle if you have more than 100 computers and older servers. *shudder*

What's really sad is that I work for the State department, and they are hands down A## backwards network setup. When I joined, I found out that they are running multiple 2000 boxes and didn't have much for front end protection or back end and we got hit by Sality and boy let me tell you about the endless nights we had to try and fix this, definitely not fun. Stupid state politics.

Leeky said:

What's really sad is that I work for the State department, and they are hands down A## backwards network setup. When I joined, I found out that they are running multiple 2000 boxes and didn't have much for front end protection or back end and we got hit by Sality and boy let me tell you about the endless nights we had to try and fix this, definitely not fun. Stupid state politics.

What is it with government/state departments and the requirement to be neck deep in sh## before they'll actually do something proactive! lol.

Staff
Jos said:

Yeah, I should have mentioned the cited file size was for Windows 7 x64, which I'm currently using. Thanks for the clarification, Per.
