FW: Newsbank: Microsoft sets emergency Windows patch for Monday

-------------------------------------------
From: Sandi Meyer (MKT-US)
Sent: Saturday, July 31, 2010 3:46:22 AM
To: Newsbank
Subject: Newsbank: Microsoft sets emergency Windows patch for Monday
Auto forwarded by a Rule

Microsoft sets emergency Windows patch for Monday

As exploits of shortcut bug climb, company commits to 'out-of-band' update

By Gregg Keizer

July 30, 2010 02:11 PM ET

Comments (0)

Recommended (1)

Facebook

Twitter

Share

Computerworld - Microsoft today said it will issue an emergency patch for the critical Windows shortcut bug on Monday, August 2.

The company said it is satisfied with the quality of the "out-of-band" update -- Microsoft's term for a patch that falls outside the usual monthly delivery schedule -- but also acknowledged that it has tracked an upswing in attacks.

"In the past few days, we've seen an increase in attempts to exploit the vulnerability," Christopher Budd, a spokesman for the Microsoft Security Response Center (MSRC), said in a entry to the team's blog. "We firmly believe that releasing the update out of band is the best thing to do to help protect our customers."

Budd said that Microsoft would release the patch on Monday at approximately 1 p.m. ET, 10 a.m. PT.

Two weeks ago, Microsoft confirmed a flaw in how Windows parses shortcut files, the small files displayed by icons on the desktop, on the toolbar and in the Start menu that launch applications and documents when clicked. By crafting malicious shortcuts, hackers could automatically execute malware whenever a user viewed the shortcut or the contents of a folder containing the malevolent shortcut.

The bug was first described in mid-June by VirusBlokAda, a little-known security firm based in Belarus, but attracted widespread attention only after security blogger Brian Krebs reported on it July 15. A day later, Microsoft admitted that attackers were already exploiting the flaw using the "Stuxnet" worm, which targeted Windows PCs that manage large-scale industrial control systems in manufacturing and utility firms.

Exploit code has been widely distributed on the Internet, and Microsoft and others have spotted several attack campaigns based on the bug.

One of those campaigns apparently tipped the scales toward an early patch.

The Microsoft group responsible for crafting malware signatures to defend customers using the company's antivirus products, including the free Security Essentials, said that an especially nasty malware family had added exploits of the unpatched shortcut flaw to its arsenal.

"Sality is a highly virulent strain ... known to infect other files, making full removal after infection challenging, copy itself to removable media, disable security, and then download other malware," wrote Holly Stewart of the Microsoft Malware Protection Center, on the group's blog Friday. "It is also a very large family -- one of the most prevalent families this year. "

Sality's inclusion of the shortcut exploit quickly drove up the number of PCs that have faced attack. "After the inclusion of the [shortcut] vector, the numbers of machines seeing attack attempts combining malicious [shortcuts] and Sality.AT soon surpassed the numbers we saw with Stuxnet," said Stewart.

"We know that it is only a matter of time before more families pick up the technique," she added.

Other security researchers had spotted Sality exploiting the shortcut bug earlier this week. On Tuesday, Trend Micro reported that the shortcut vector was being used not only by Sality, but also by other malware clans, such as the Zeus botnet-building Trojan.

Last week, security researchers had argued over Microsoft's ability to quickly patch the vulnerability, with HD Moore, the chief security officer of Rapid7 and the creator of the well-known Metasploit hacking toolkit, betting that Microsoft would fix the flaw within two weeks. Moore's prediction was nearly on the dot.

All versions of Windows contain the shortcut vulnerability, including the preview of Windows 7 Service Pack 1 (SP1), and the recently retired-from-support Windows XP SP2 and Windows 2000.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@ix.netcom.com.

Read more about Security in Computerworld's Security Topic Center.

 

 

---

From: Computerworld Wrap-Up [mailto:computerworld_newsletters@cwonline.computerworld.com]
Sent: Friday, July 30, 2010 11:36 AM
To: Sandi Meyer (MKT-US)
Subject: Microsoft sets emergency Windows patch for Monday

 

	U.S. military launches review of IT security after Wikileaks breach | Froyo coming to Evo 4G on Tuesday, Sprint confirms
	Computerworld Wrap-Up	Forward this to a Friend >>>
	Microsoft sets emergency Windows patch for Monday Microsoft will issue an emergency patch for the critical Windows shortcut bug on Monday, August 2. Read More WEBCAST: Google Apps Microsoft Exchange or Google Apps? Govt agency goes Google James Ferreira, CIO for the New Mexico State Attorney General's office, had a choice to make to support his growing organization: upgrade to a more costly enterprise license for Microsoft Exchange or find a business grade alternative at a better price. Google Apps Premier Edition emerged as the clear winner. Learn More! In this Issue U.S. military launches review of IT security after Wikileaks breach Froyo coming to Evo 4G on Tuesday, Sprint confirms JR Raphael: Holy Froyo! Lots of new Android 2.2 info Free Android apps scrape personal data, send it to China How business is putting the iPad to work Ironkey looks to secure mobile, business banking Smartphones, tablets seen boosting mobile health care Intel wins key ruling in antitrust suit RIM leads way as Q2 mobile phone shipments surge 14% Barbara Krasnoff: Quick look: HP Scanjet Professional 1000 Mobile Scanner Jonny Evans: WWDC 2011: Apple focus turns to OS X 10.7 Sharon Machlis: Android vs. webOS size=2 width="100%" noshade color="#aaaaaa" align=center> WHITE PAPER: Progress Software Real Life Scenarios for Better Business Making Decisions These screenshots of real life everyday scenarios in the Airline/Shipping/Logistics Industry show how the Progress Responsive Process Management suite enables business users to, gain real-time visibility into business processes, immediately respond to events, continuously improve performance, all without disruption to the existing infrastructure. Learn More. U.S. military launches review of IT security after Wikileaks breach Defense Secretary Robert Gates Thursday announced that U.S. information security practices will be reviewed following the leak of tens of thousands of classified war documents that were published by WikiLeaks earlier this week. Read More Froyo coming to Evo 4G on Tuesday, Sprint confirms Froyo, the Android 2.2 update, will come to the HTC Evo 4G starting Tuesday, bringing support for Flash video and external storage of applications, according to Sprint. Read More JR Raphael: Holy Froyo! Lots of new Android 2.2 info After weeks of waiting, the gates to Froyo are finally starting to open. From the EVO to the Galaxy S and beyond, here's the lowdown on everything new with Android 2.2. Read More Free Android apps scrape personal data, send it to China As many as four million users of Android phones have downloaded wallpaper apps that swipe personal data from the phone and transmit it to a Chinese-owned server, a mobile security firm said today. Read More How business is putting the iPad to work When Steve Jobs unveiled the iPad in January, he pitched it mostly as a consumer device--a relaxation tool for reading books, playing games, watching video and perusing family photos. But Michael Kanzleiter and his colleagues at Mercedes-Benz Financial saw something else: A better way to sell cars. Read More Ironkey looks to secure mobile, business banking Cybercriminals are increasingly looking at business rather than consumer accounts to hack as banks scramble to shore up their defenses, according to an executive from vendor IronKey. Read More WHITE PAPER: Google Should Your Email Live In The Cloud? According to Forrester, "Google is setting a new price floor on email and archiving costs." (Should Your Email Live In The Cloud? A Comparative Cost Analysis, Forrester Research, Inc., January 2009). Download the independent research report comparing the costs of email from Google and other providers. Read More! Smartphones, tablets seen boosting mobile health care Smartphones, tablet PCs and other wireless devices are poised to play a greater role in health care as doctors and patients embrace the mobile Internet, panelists at a mobile health technology conference in Boston said Thursday. Read More Intel wins key ruling in antitrust suit A court-appointed special master has rejected class-action status in an antitrust lawsuit against Intel, determining that the plaintiffs failed to show that PC buyers were harmed by discounts Intel offered to manufacturers. Read More RIM leads way as Q2 mobile phone shipments surge 14% RIM mobile phone shipments grew by 40% in the second quarter, tops in an overall market that grew by more than 14% during the period, according to IDC. Read More Barbara Krasnoff: Quick look: HP Scanjet Professional 1000 Mobile Scanner The HP Scanjet Professional 1000 is lightweight, efficient and could be very useful if you travel for business. Read More Jonny Evans: WWDC 2011: Apple focus turns to OS X 10.7 Apple is prepared to invest every ounce of company muscle, intellect, invention and clout in order to ensure that ally now rival Google can never claim the to innovate ahead of industry trends again. And plans radical user interface innovation in OS X 10.7. Read More Sharon Machlis: Android vs. webOS A look at these two alternatives to the iPhone platform, head to head, using a Palm Pre and a Droid X. Read More
	ARE YOU BUILDING A PRIVATE CLOUD? Computerworld is preparing a special report on private clouds and we would like to know how organizations perceive and employ this kind of cloud. Please take our short survey (10 questions plus demographic information). The survey data will be published on our Web site and in the December 20 edition of Computerworld. SHARK TANK OF THE DAY Great idea -- glad you thought of it Part of this pilot fish's job is posting new-job hiring annoucements on a local government agency's Web site -- and it seems to fish that it could be made easier for the applicants. NEW COMPUTERWORLD JOB BOARD Search multiple listings now and get new job alerts as they are posted.
	Do You Tweet? Follow everything from Computerworld.com on Twitter @computerworld. You are currently subscribed to computerworld_dailynews as SANDI_MEYER@trendmicro.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Computerworld, please send an e-mail to online@computerworld.com. Copyright (C) 2010 Computerworld, 492 Old Connecticut Path, Framingham, MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to online@computerworld.com. **