The LNK vulnerability that was first revealed to the public more than two weeks ago and has since then been exploited to spread ZBOT and SALITY malware has now been fixed with an out-of-band patch issued today. With or without any patch, attacks exploiting this vulnerability are likely to become more common.
The out-of-band patch—only the third of the year—comes only a week ahead of August’s regular Patch Tuesday. Microsoft itself said last Friday when it announced the patch that it has “seen an increase in attempts to exploit the vulnerability,” highlighting the importance of releasing an early fix.
Home users should patch their systems as soon as they can to protect themselves from this threat. Enterprise users who may defer patch deployment until a later date should protect themselves with the already existing workarounds or with certain Trend Micro products such as Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in.
Here are the previous blog posts where this threat was discussed:
- USB Worm Exploits Windows Shortcut Vulnerability
- Exploits for Windows Shortcut Vulnerability in the Wild
- ZeuS/ZBOT and SALITY Jump on the LNK Exploit Bandwagon