Microsoft to release emergency security fix

The out-of-band release will prevent Windows from allowing malicious code to be executed when the icon of a specially crafted shortcut is displayed.

Microsoft decided to release a patch before the monthly Patch Tuesday update on 10 August after finding evidence that the vulnerability was being exploited.

Multiple techniques to exploit the vulnerability are appearing on the internet, according to the Microsoft Malware Protection Center (MMPC).

Researchers said a variant of the Sality family of viruses that exploits the vulnerability is particularly virulent.

Sality.AT is known to infect other files, which makes full removal after infection challenging. It then copies itself to removable media, disables security and then downloads other malware.

With the release of Sality.AT, developers of other virus families will likely move quickly to copy the technique to target the same vulnerability, the MMPC said.

Most versions of Windows are affected, including Windows 7, XP, Server 2003, Vista and Server 2008.

Microsoft has published a detailed list of vulnerable software in a security advisory.

This is one of the worst vulnerabilities the security community has seen in a long while, said Ondrej Vlcek, chief technology officer of security firm Avast Software.

The vulnerability being exploited is not a bug, but a design feature that many hardware suppliers rely on to make their products work with Windows, he said.

"For this reason, merely blocking this feature is not a viable mitigation strategy," said Vlcek.

All Windows users should ensure their systems are patched as exploits of this vulnerability are able to do "just about anything", and can be carried out via e-mailed hyperlinks, torrents or website drive-by download attacks, he said.

This story was first published by Computer Weekly
