Microsoft Issues An Emergency Update To Stop Shortcut Exploit

Ok, if you are running Windows, do a Windows Update before you read any further and then come back.

Today, Microsoft issued an emergency update to fix an exploit that allowed maliciously crafted shortcut files to load malware.

I mentioned this exploit a couple weeks ago. This exploit is so dangerous that the Internet Storm Center briefly went to “Yellow Alert.” The first alert they had issued in years.

While the alert ended after serving its purpose of alerting the potential danger and no active use by malware, it has been closely watched by the computer security community. In fact, a report of one form of the exploit was mentioned that targeted Siemens industrial controllers. You know, the kind of industrial equipment you would see monitoring things in a nuclear reactor, for instance (not that this was the case).

Over the past few days, we are hearing of malware adding this exploit to the vulnerabilities it can use for infection.

A week ago, Microsoft issued a short term Fix-it to help block this malware.

This was meant to provide some short term safety till today’s full patch was ready. The Fix-it disabled shortcut icons, making all show as a generic icon. My feeling was that this was a little like behavior that some might expect from actual malware (Let’s see, I click on a button on a website and all my icons go funny – doesn’t sound good to me) so I did not recommend it on this site.

This “out of band” emergency update fixes the lnk file vulnerability.

As a note, this update is for Windows XP Service Pack 3 and later versions. If you are till running Windows XP Service Pack 2 (or worse, Windows 2000) you need to upgrade to Service Pack 3 in order to get the patch as Microsoft no longer is providing support for XP Service Pack 2 or anything earlier.

Window Update
This is what Window Update looks like in the start menu

How to start a Windows Update if your not sure if you are updated?

  • Click on your start button.
  • Click on All Programs.
  • Click on Windows Updates (near the top of the screen).
  • You can do the express update to do this and other security updates you may need.

There will be more updates next Tuesday from Microsoft (Patch Tuesday).

Just make sure you get this one now.

Happy computing! :)