Print
In a recent blog post, Dave Forstrom of the Microsoft Security Response Center (MSRC) announced plans to release a security update later today to plug up a security hole discovered two weeks ago..
"We are releasing the bulletin as we've completed the required testing and the update has achieved the appropriate quality bar for broad distribution to customers," Forstrom wrote. "Additionally, we're able to confirm that, in the past few days, we've seen an increase in attempts to exploit the vulnerability. We firmly believe that releasing the update out of band is the best thing to do to help protect our customers."
The security hole, which Microsoft outlined in a recent advisory, involves Windows' mishandling of shortcuts in such a way that an attacker could gain access to a person's system when the user clicks a specially crafted shortcut. Security firm Sophos described the vulnerability as a "nasty" rootkit because of the way "it bypasses all Windows 7 security mechanisms, including UAC, and doesn't require administrative privilege to run."
Comments are closed on this article
CardsFan29
August 02, 2010 at 5:55pm
I installed the two files on my computer and everything's running fine.
Vernak
August 02, 2010 at 1:54pm
I take it that KB2286198 is the update in question given the description. I am grabbing it now, personally. If you ever have an update issue, you can always boot to safe mode and manually remove the update.
rehless
August 02, 2010 at 1:42pm
This critical update on 8/2 bricked both of my comps. Fortunately the system reverted on it's own. Any one else have trouble with this patch?
tri8gman
August 02, 2010 at 2:14pm
"You keep using that word... but I don't think it means what you think it means..."
leetNightshade
August 02, 2010 at 1:51pm
Now I don't think I'm even going to bother trying to apply it for a while.
