Microsoft to Release Emergency Windows 7 Patch, Windows 7 Passes Vista

From DailyTech: Windows 7 is arguably one of Microsoft's greatest achievements to date. However, the company's OS is far from impervious, despite its free antivirus/malware protection suite, beefed up memory protections, and numerous security tweaks.

Today Microsoft will release an "out of band" emergency patch to try to lock out a highly dangerous new family of malware that's attacking Windows 7 via a vulnerability in .LNK files.

LNK files are more commonly known as shortcuts. You often see shortcuts on your desktop. Clicking them runs programs in the Windows Shell (Microsoft's graphical layout in Windows and its supporting backend). However, shortcuts can also be autorun, under certain conditions, when USB sticks or MP3 players newly connect to a machine. The problem is that the autorun can be used to start an attack process, if the LNK file is a malicious attack package coordinator.

The vulnerability presumably existed in Windows for a long time, but only recently has been widely published in the hacking community. Some hackers have created a new family of viruses called Sality, that are designed specially to exploit the vulnerability.

According to Microsoft's Malware Protection Center, "Sality is a highly virulent strain. It is known to infect other files, making full removal after infection challenging, copy itself to removable media, disable security and then download other malware."

View: Article @ Source Site