This news is already old, but I didn't think it's fair for us to publish all the releases from the anti-virus guys about the vulnerability and not say something about when Microsoft finally gets around to patching it.
For those who've missed it, there's a vulnerability in basically all versions of Windows that allows attackers to execute any code on your machine. That means they can do anything with your machine.
The exploit made mainstream headlines when the Stuxnet-B worm cropped up. Stuxnet-B is malware that was targeted specifically at SCADAs, systems that are used to control and manage critical infrastructure like power plants.
Microsoft released a patch for the vulnerability on Monday (2 August 2010).
From the Security Bulletin: "This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
On a side note, sorry for missing this one. I was hammering out my StarCraft 2 review on Monday so some of the news that broke slipped by me.
For those who've missed it, there's a vulnerability in basically all versions of Windows that allows attackers to execute any code on your machine. That means they can do anything with your machine.
The exploit made mainstream headlines when the Stuxnet-B worm cropped up. Stuxnet-B is malware that was targeted specifically at SCADAs, systems that are used to control and manage critical infrastructure like power plants.
Microsoft released a patch for the vulnerability on Monday (2 August 2010).
From the Security Bulletin: "This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
On a side note, sorry for missing this one. I was hammering out my StarCraft 2 review on Monday so some of the news that broke slipped by me.