Microsoft rushes out emergency fix for critical Windows bug
Get yours now
Customer Success Testimonial: Recovery is Everything
Microsoft on Monday rushed out an emergency patch for a critical vulnerability that criminals are exploiting to install malware on all supported versions of the Windows operating system.
As promised Friday, Microsoft released the update outside of its normal patching schedule because the vulnerability is being actively targeted. When the flaw first came to public attention three weeks ago, it was being used to attack SCADA — supervisory control and data acquisition — systems that control sensitive equipment at power plants, gas refineries, and other other critical infrastructure.
Since then, it's been used to install general-purpose malware from Zeus and other do-it-yourself crimeware kits used to siphon credit card numbers and other sensitive data from compromised computers. The Windows flaw resides in a shortcut feature that makes it easy to store commonly accessed files and folders on the operating-system desktop.
Users who employed a stopgap FixIt published two weeks ago should roll back their machines using the “disable workaround” feature here. Those who don't follow this advice will find that icons fail to display properly, causing folders and files to appear white without any of the customary graphics.
Users will most likely have to reboot their machines twice — once after uninstalling the workaround, and again after installing the update. Microsoft's out-of-band bulletin is here. ®
COMMENTS
Like everyone else?
Well, I've just called my Mum and she says she didn't look at it. So I guess that your claim that everyone else looked at this article is an "epic fail, n00b, lolz."
I read the technet post, my point was that the Reg could have outlined the affected sytems in their articles.
Now, if you're going to be an acerbic twat at least have the bollocks to do it without posting anonymously.
it was being used to attack SCADA .....
Isn't it a tad more accurate to say that MicroSoft was the attack on SCADA; and the inevitable repercussion was SCADA systems that are vulnerable to all manner of compromise... The SCADA suppliers shoulder the blame as well; but it is hard to believe that many companies would make the decision to switch platforms had the inherent design flaws of Windows been admitted.
Re : RE: All Penguin fanbois
As many people have pointed out there is already a steady stream of updates/patches for Linux distros. The main difference is that they come out at any time as soon as a problem is fixed or a new version becomes available. The major distros can automatically update, if that's what you want, and because rebooting is not required (except for kernel upgrades) the only way a user will know is if the logs are read or an application notifies such as a Firefox upgrade page.
A superior system
IT infrastructure monitoring strategies
What you need to know about cloud backup
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Customer Success Testimonial: Recovery is Everything
