Microsoft will make an exception to its Patch Tuesday to be delivered today, Monday, an update to address security vulnerabilities in the Windows shell.
Seeing through mid-June, Microsoft has publicly confirmed in mid-July 1 security vulnerability affecting the Windows shell. Because of that, all versions of Windows does not properly handle shortcut files (.lnk files) and malicious code can be executed when a shortcut icon appears designed.
According to the security advisory Microsoft said vulnerability can be exploited via a malicious USB drive or remotely via network shares and WebDAV. The operation may also be included in documents that support board shortcuts.
This loophole has been widely publicized, especially after several reports that the worm Stuxnet exploits to the targeting of industrial systems and ambitions of industrial espionage in particular the United States and Iran. But other malware have also begun to exploit the vulnerability without having an ulterior motive for espionage.
The antivirus vendors have updated their solutions in office, and Microsoft proposed a measure of temporary bypass in the form of a Fix it with the application, however, an undesirable side effect with the loss of the graphic icons Windows desktop. Sophos or G Data offered a more elegant workaround to apply over any antivirus and that does not alter the display of icons.
Correction in Patch Tuesday
On Monday, Microsoft will upload a fix in good and due form. The Redmond company confirmed that the number of attempted attacks has increased in recent days, as well as pests mainly involved with the family members Sality whose Sality.AT. Highly virulent strain, dixit Microsoft Sality infects other files which makes a complete removal relatively complicated, replicates on removable media, disable the security protection and downloads other malware.
It is therefore urgent, which justifies an occasional publication Patch Tuesday as it happens relatively rarely. For Microsoft, this publication will provide the "best protection for its customers," now that all quality tests have been satisfactory for the patch. The patch will include distributed via Windows Update in the late afternoon, at around 19 hours.
This update will be applied to Windows XP users, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2.