Microsoft Out Of Band Security Update Released - gHacks Tech News

Microsoft Out Of Band Security Update Released

Microsoft as expected has just released an out of band security update for the Windows operating system that fixes a critical security vulnerable.

The vulnerability affects all Microsoft operating systems that have been released in past years, including Windows XP, Windows Vista, Windows 7, and the Windows Server product line.

The severity of the issue and the fact that the security vulnerability was already exploited actively made the out of band release a necessity.

This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

windows security update
windows security update

The patch is available via Windows Update, or via Microsoft Download. Windows users are encouraged to download and install the patch as soon as possible to protect their operating system from attacks exploiting the issue.

The Microsoft Security Bulletin MS10-046 provides information about the patch. Its title is "Vulnerability in Windows Shell could allow remote code execution".

The list of affected operating systems includes all supported Windows client and server operating systems.

Additional information about the issue, deployment of the patch and vulnerability information are available at the Microsoft Security Bulletin.

Most Windows users will get the patch through Windows Update, the operating system's updating functionality which is set to automatic by default for security patches.

Update: Microsoft revised the Bulletin on August 24, 2010 to announce a change in detection and notes that this did not change the updated files in any way.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Jashar said on August 3, 2010 at 8:41 am
    Reply

    For me, since i applied their interim Fixit patch a couple of weeks ago (which turns all your shortcuts white) this new patch, while it may be effective, has not changed my icons back, they’re all still white!

    1. Martin said on August 3, 2010 at 10:08 am
      Reply

      Jashar, that’s strange. Microsoft did not mention that users who have applied the Fix-IT solution, or applied the patch manually, had to change something in addition to installing the new patch.

    2. Martin said on August 3, 2010 at 10:10 am
      Reply

      Jashar, try the Fix-It to disable the workaround, you find it here http://support.microsoft.com/kb/2286198

  2. Jashar said on August 3, 2010 at 11:31 am
    Reply

    @Martin. Although i managed to eventually work out the process myself, i will say thank you as i’m sure i’m not the only one who will have this problem.

    It would have been nice if Microsoft patch had detected if the previous Fixit option had been installed and uninstalled it as a result. But oh well, i guess that would make too much sense.

    1. Martin said on August 3, 2010 at 11:38 am
      Reply

      Jashar I totally agree with you, they should have done that.

  3. ilev said on August 4, 2010 at 8:37 am
    Reply

    They should have done many things like fixing it back in Win95 , stop copy & paste of 20 years code from one version of Windows to other versions, or, if you need to copy & paste code every 3-4 years, at least check each line for security holes :-)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.