Microsoft patches folder flaw from Win2000

By on

Microsoft has today pushed a critical update to its operating systems that will fix a vulnerability, acknowledged a few weeks ago, that has been present since Windows 2000. The fix itself, however, does not extend to those using Windows 2000, most likely because it is no longer covered by its Life Cycle policy.

The vulnerability allowed attackers to control a computer, if not patched, through a weakness in how shortcut icons are handled by Windows. It was very worrying to many security analysts because the attacker did not need to write a file to gain control, it had to open a file with the .lnk extension.

Microsoft released a temporary fix, which resulted in some shortcuts not able to load.

Microsoft’s fix comes around the same time as a blog post from its Malware Protection Centre finding that many new viruses and malware is using this new way of infection, with a particular one Sality.AT – known to copy itself to USB storage devices and is hard to remove as it infects other files – taking full use of the vulnerability. On June 29, it reported that there was around 8,000 computers that have been infected by this – many from Brazil and the United States.

Microsoft says if you will be able to determine that you have been infected by seeing certain security-related applications terminated suddenly, unable to run the Windows Registry Editor, failure to run certain security-related applications because .AVC and .VDB files have been deleted and the presence of a driver known as amsint32.sys.

Image by: Robert S. Donovan/Flickr