Microsoft Rushes Unscheduled Patch for Shortcut Flaw
Microsoft is issuing an out-of-band patch today to address rising attacks against the Windows shortcut vulnerability discovered last month. The update comes just over a week ahead of the regularly scheduled Patch Tuesday for the month of August, but leaves Windows 2000 and Windows XP SP2 systems to fend for themselves.
The Microsoft Malware Protection Center noted "Although there have been multiple malware families that have picked up this vector, one in particular caught our attention this week--a family named Sality, and specifically Sality.AT. Sality is a highly virulent strain. It is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. It is also a very large family--one of the most prevalent families this year."
All Clouds Are Not Created Equal: View now
To protect customers against a rising tide of attacks--like Sality--which exploit the LNK flaw in Windows, Microsoft MCITP Certification expedited the release of the patch.
Qualys CTO Wolfgang Kandek points out in a blog post that "Primary attack vectors for the LNK vulnerability are USB sticks and shared drives, the attack depends on a specially crafted LNK file and a custom DLL to function. Remote attacks through e-mail or websites are theoretically possible, but require multiple steps and user interaction."
Kandek explained "Windows 2000 and XP SP2 users will not be covered and are now in a predicament that will become increasingly urgent. Attacks will continue to become more prevalent and their defensive options are limited."
Microsoft does provide advice for a workaround that could mitigate the risk on these legacy platforms in security advisory KB2286198. However, implementing the workaround seriously impedes the usability of the Windows system. All desktop icons are disabled--replaced with a blank white sheet, and network navigation is affected as well.
Many companies face hurdles in migrating to newer operating system platforms. Reliance on archaic legacy applications which are not compatible with a newer OS like Windows 7 for critical business functions means hanging on to outdated Windows platforms. Some companies simply feel that the current environment is working fine and there is no compelling reason to invest the time and money required to upgrade.
Regardless of the justification for clinging to unsupported Windows operating systems, the time has come to seriously evaluate the alternatives to that decision. IT admins managing legacy Windows platforms are already at a disadvantage because Windows 2000 and Windows XP don't have the improved security features included in Windows 7. Now that support for those platforms has expired, IT admins must face new threats and exploits without any patches or updates from Microsoft MCTS Training.
IT admins can provide additional protection against remote attempts to exploit this vulnerability by disabling the SMB and WebDAV protocols for outbound traffic on Internet-facing firewalls.
There are mitigations and workarounds, but IT admins can only stop the damn from breaking for so long. It's time for companies to seriously look at applying SP3 if they are running Windows XP, or simply upgrading the operating system entirely and making the move to Windows 7.
Read the views of online Certification Experts, which provide the real questions and correct answer and explanation for the students / professionals who are seeking or enhancing their level of expertise. more at certkingdom.com
August 4, 2010
Microsoft Rushes Unscheduled Patch for Shortcut Flaw
Microsoft Rushes Unscheduled Patch for Shortcut Flaw
Microsoft is issuing an out-of-band patch today to address rising attacks against the Windows shortcut vulnerability discovered last month. The update comes just over a week ahead of the regularly scheduled Patch Tuesday for the month of August, but leaves Windows 2000 and Windows XP SP2 systems to fend for themselves.
The Microsoft Malware Protection Center noted "Although there have been multiple malware families that have picked up this vector, one in particular caught our attention this week--a family named Sality, and specifically Sality.AT. Sality is a highly virulent strain. It is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. It is also a very large family--one of the most prevalent families this year."
All Clouds Are Not Created Equal: View now
To protect customers against a rising tide of attacks--like Sality--which exploit the LNK flaw in Windows, Microsoft MCITP Certification expedited the release of the patch.
Qualys CTO Wolfgang Kandek points out in a blog post that "Primary attack vectors for the LNK vulnerability are USB sticks and shared drives, the attack depends on a specially crafted LNK file and a custom DLL to function. Remote attacks through e-mail or websites are theoretically possible, but require multiple steps and user interaction."
Kandek explained "Windows 2000 and XP SP2 users will not be covered and are now in a predicament that will become increasingly urgent. Attacks will continue to become more prevalent and their defensive options are limited."
Microsoft does provide advice for a workaround that could mitigate the risk on these legacy platforms in security advisory KB2286198. However, implementing the workaround seriously impedes the usability of the Windows system. All desktop icons are disabled--replaced with a blank white sheet, and network navigation is affected as well.
Many companies face hurdles in migrating to newer operating system platforms. Reliance on archaic legacy applications which are not compatible with a newer OS like Windows 7 for critical business functions means hanging on to outdated Windows platforms. Some companies simply feel that the current environment is working fine and there is no compelling reason to invest the time and money required to upgrade.
Regardless of the justification for clinging to unsupported Windows operating systems, the time has come to seriously evaluate the alternatives to that decision. IT admins managing legacy Windows platforms are already at a disadvantage because Windows 2000 and Windows XP don't have the improved security features included in Windows 7. Now that support for those platforms has expired, IT admins must face new threats and exploits without any patches or updates from Microsoft MCTS Training.
IT admins can provide additional protection against remote attempts to exploit this vulnerability by disabling the SMB and WebDAV protocols for outbound traffic on Internet-facing firewalls.
There are mitigations and workarounds, but IT admins can only stop the damn from breaking for so long. It's time for companies to seriously look at applying SP3 if they are running Windows XP, or simply upgrading the operating system entirely and making the move to Windows 7.
Microsoft is issuing an out-of-band patch today to address rising attacks against the Windows shortcut vulnerability discovered last month. The update comes just over a week ahead of the regularly scheduled Patch Tuesday for the month of August, but leaves Windows 2000 and Windows XP SP2 systems to fend for themselves.
The Microsoft Malware Protection Center noted "Although there have been multiple malware families that have picked up this vector, one in particular caught our attention this week--a family named Sality, and specifically Sality.AT. Sality is a highly virulent strain. It is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. It is also a very large family--one of the most prevalent families this year."
All Clouds Are Not Created Equal: View now
To protect customers against a rising tide of attacks--like Sality--which exploit the LNK flaw in Windows, Microsoft MCITP Certification expedited the release of the patch.
Qualys CTO Wolfgang Kandek points out in a blog post that "Primary attack vectors for the LNK vulnerability are USB sticks and shared drives, the attack depends on a specially crafted LNK file and a custom DLL to function. Remote attacks through e-mail or websites are theoretically possible, but require multiple steps and user interaction."
Kandek explained "Windows 2000 and XP SP2 users will not be covered and are now in a predicament that will become increasingly urgent. Attacks will continue to become more prevalent and their defensive options are limited."
Microsoft does provide advice for a workaround that could mitigate the risk on these legacy platforms in security advisory KB2286198. However, implementing the workaround seriously impedes the usability of the Windows system. All desktop icons are disabled--replaced with a blank white sheet, and network navigation is affected as well.
Many companies face hurdles in migrating to newer operating system platforms. Reliance on archaic legacy applications which are not compatible with a newer OS like Windows 7 for critical business functions means hanging on to outdated Windows platforms. Some companies simply feel that the current environment is working fine and there is no compelling reason to invest the time and money required to upgrade.
Regardless of the justification for clinging to unsupported Windows operating systems, the time has come to seriously evaluate the alternatives to that decision. IT admins managing legacy Windows platforms are already at a disadvantage because Windows 2000 and Windows XP don't have the improved security features included in Windows 7. Now that support for those platforms has expired, IT admins must face new threats and exploits without any patches or updates from Microsoft MCTS Training.
IT admins can provide additional protection against remote attempts to exploit this vulnerability by disabling the SMB and WebDAV protocols for outbound traffic on Internet-facing firewalls.
There are mitigations and workarounds, but IT admins can only stop the damn from breaking for so long. It's time for companies to seriously look at applying SP3 if they are running Windows XP, or simply upgrading the operating system entirely and making the move to Windows 7.
Subscribe to:
Posts (Atom)
