Calling it a “tool” the programming staff at Microsoft has stated they will release it on Monday, making the LNK file problems go away forever.

At least that is the theory.

When I read the details today, in Ars Technica, I was immediately struck by the admission that the problem has become worse, and that might have been one reason why the fix is coming as an out-of-band release, but I also am somewhat dumbfounded why, if the fix is available now ( as it has been announced…) that the public must wait until Monday for it.

Is this a way of driving home a point that Microsoft is the savior of the greater computing world? Are we to genuflect towards Redmond and pray for the continued blessings from Pope Ballmer? (By his own admissions, the Operating system division is no longer the first priority – which is bad, as Microsoft needs to remember what its bread and butter is, and it is not tablet computers…)

[Ars Technica]

Microsoft has announced plans to release of an out-of-band update on Monday to address the Windows Shortcut flaw revealed less than two weeks ago. The software giant has been keeping a close watch on the use of .LNK files exploiting the vulnerability and has concluded that it needs to act faster than usual.

Microsoft typically releases security patches on the second Tuesday of each month, with the next slated for August 10. Redmond is releasing this fix eight days early, at approximately 1PM EDT Monday. All currently supported versions of Windows are vulnerable, including Windows 7, so the majority of Windows users should be receiving this patch.

There have been multiple malware families that have picked up the .LNK attack vector, including a highly virulent strain named Sality.AT. Not only is Sality a very large family, but it is known to infect other files (making full removal after infection challenging), copy itself to removable media, disable security, and then download other malware. Microsoft has seen an increase in attack attempts as well as a change in the geolocation of the attack attempts across the systems it protects. In short, this new attack vector is becoming more widespread. The security team at the company believes more families will continue to pick up the technique, leading it to get the patch out as soon as possible.

There has been at least one other fix chronicled for the LNK exposure problem, and the first, from Sophos, has had no complaints about its efficacy. Since those are working, Microsoft may have not felt the need to release something that no doubt will break some stuff. I guess we will see on Monday what is going to break, and how long it will stay broken.

The Sophos solution has no ill effects on my systems, and if there are problems with the one from Microsoft, people can simply continue to use the Sophos release.




Quote of the day:

Be who you are and say what you feel, because those who mind don’t matter and those who matter don’t mind.

– Dr. Seuss