Microsoft to issue patch for dangerous USB rootkit hole

Microsoft to issue patch for dangerous USB rootkit hole
Microsoft MCTS Training on Tuesday will release a rare out-of-band patch to fix the highly dangerous zero-day vulnerability  that has caused multiple researchers to issuing warnings earlier this month. The patch will be for all supported versions of Windows and will require a restart.

As I previously wrote about, the exploit is a whopper on all levels. It comes into the enterprise via hidden files on USB sticks or via shared network files. It requires no user interaction to infect the system (simply viewing the icon is enough to trigger it). It propagates itself. It loads as a rootkit infection. It affects all Windows operating systems, even full-patched Windows 7 systems. It seems to target extremely sensitive information — researchers say it seems to have been made for espionage. If all that weren’t scary enough, a researcher has already published proof-of-concept code.

The attack exploits a vulnerability in Windows Shell, a component of Microsoft Windows. Although many anti-virus software makers claimed that they were able to update their wares to detect the rootkit, security experts remained highly concerned about the hole, as did Microsoft MCITP Certification. In a blog post today, Christopher Budd, Sr. Security Response Communications Manager at Microsoft, explained, “we’re able to confirm that, in the past few days, we’ve seen an increase in attempts to exploit the vulnerability.”

Microsoft to issue patch for dangerous USB rootkit hole

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top