Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has released an emergency fix for a Windows vulnerability that is being exploited to launch attacks against industrial control systems.The patch (MS10-046) fixes a flaw involving the way the operating system handles shortcut files (.lnk). It affects Windows 7, Vista, XP, Server 2008 and Server 2008 R2.The flaw permits a malicious .lnk file installed on a USB device to run a Dynamic Link Library (DLL), and a machine can be infected simply by a user viewing the related icon, security experts have said.The out-of-band update, the third such emergency fix this year from Microsoft, comes as a new strain of malware pounces on the vulnerability, leading to a dramatic increase in attempted exploits. The Stuxnet worm initially was responsible for most of the attack attempts, but according to the software company's Malware Protection Center, the Sality malware family now has overtaken Stuxnet in terms of prevalence."Sality is a highly virulent strain," according to a Microsoft blog post. "It is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security and then download other malware. It is also a very large family — one of the most prevalent families this year."What makes this vulnerability so unique is that many of its exploits have been targeting SCADA (supervisory control and data acquisition) systems.But because many of those systems run on older operating systems no longer supported by Microsoft, they will not be patched, said Andrew Storms, director of security operations at vulnerability management firm nCircle. "Utility companies that know they cannot upgrade are fully aware their systems contain a public vulnerability that is being exploited," Storms said. "Utility companies and SCADA vendors are probably scrambling to find a resolution to this problem as quickly as possible. All users that haven't upgraded from XP Service Pack 2 will also remain vulnerable. Today's patch is another powerful reason for XP users to take advantage of the free upgrade and move sooner rather than later.” In the days following Microsoft's disclosure of the bug on July 16, most of the attempts to infect systems turned up in Iran. Since then, the the United States and Brazil have been hit particularly hard, according to Lumension, a vulnerability management company.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.