Emergency Windows Patch Due Monday

Computerworld reports that Microsoft has said it will issue an emergency patch for the critical Windows shortcut bug on Monday, Aug. 2…. The company said that it is satisfied with the quality of the “out-of-band” update — Microsoft’s term for a patch that falls outside the usual monthly delivery schedule — but also acknowledged that it has tracked an upswing in attacks.

As this is an extremely serious bug, users need to make sure that this patch gets installed on their PC.

Fake Firefox Flash Update is Rogue

PC Magazine is reporting that F-Secure has uncovered the latest in rogue anti-malware: a fake Firefox “Just Updated” page which pushes you to install an update to Flash. Don’t fall victim to rogue software. Make sure that you control what gets installed on your computer.

Digital Forensics Association Research Report: Five Years of Data Breaches

A new report from the Digital Forensics Association confirms the need for organizations to pay careful attention to all aspects of information security. The report “The Leaking Vault – Five Years of Data Breaches” analyzes over 2,800 data loss incidents from publicly accessible sources, with a known disclosure of 271.9 million records. This study—the largest of its kind to date—provides analysis on which breach vectors carry the most risk, and should help provide organizations with more accurate information when combating this problem.

Key findings include:

  • Business, government, educational and medical organizations have been responsible for losing on average over 395,000 people’s data per day every day for five years.
  • Hacking was responsible for 45% of all exposed records with an average loss of 716,000 records.
  • Stolen laptops were responsible for 49% of breaches but only 6% of lost records per incident.
  • The fastest growing attack vector is social engineering.
  • Social Security Numbers (SSNs) are the most frequent data element reported.
  • The Business sector accounted for 70% of breach incidents.

Spyware Targets Industrial Facilities, including SCADA systems

Following up our blog post of last week in which we described new malware attacks on industrial control systems, the Christian Science Monitor writes “cyberspies have launched the first publicly known global attack aimed at infiltrating hard-to-penetrate computer control systems used to manage factory robots, refineries, and the electric power grid.”

According to the Monitor, “the spyware had spread for at least a month undetected and has already penetrated thousands of industrial computer systems in Iran, Indonesia, India, Ecuador, the United States, Pakistan, and Taiwan, according to a Microsoft analysis. … The attack is part of a sophisticated new wave of industrial cyberespionage that can infiltrate corporate systems undetected and capture the “crown jewels” of corporations – proprietary manufacturing techniques that are worth billions, experts say. It’s significant, too, because of its potential to infiltrate and commandeer important infrastructure, such as the power grid.”

The Monitor goes on to write “No one knows who’s behind it. Cybersecurity analysts aren’t even sure yet what the spyware’s creators intend it to do to those industrial systems. The intent could be to sell corporate proprietary secrets – or to seek an advantage over the US in some future asymmetric conflict, such as a cyberwar.”

CyberSecurity Threat Indicator Raised as Critical Windows Zero-Day Vulnerability Discovered

Computerworld and other sources are reporting a newly-discovered critical bug in all versions of Windows. The bug is so critical that the Internet Storm Center (ISC) has pushed its Infocon threat indicator to “Yellow,” a rare move, while Symantec also bumped up the status of its ThreatCon barometer to “Elevated.” Users are being warned to expect widespread attacks.

“The proof-of-concept exploit is publicly available, and the issue is not easy to fix until Microsoft issues a patch,” said Lenny Zeltser, an ISC security analyst.

Last Friday, Microsoft confirmed that attackers can use a malicious shortcut file, identified by the “.lnk” extension, to automatically execute their malware by getting users to view the contents of a folder containing such a shortcut. Malware can also automatically execute on many systems when a USB drive is plugged into the PC.

All versions of Windows, including the just-released beta of Windows 7 Service Pack 1 (SP1), as well as the recently retired Windows XP SP2 and Windows 2000, contain the bug.

In a related post, we reported that Siemens is warning customers about attacks on its industrial control software that exploit this bug.