Print 30 comment(s) - last by Siki.. on Aug 8 at 1:40 AM

StatsCounter claims Windows 7 (yellow) has just surpassed Windows Vista (green). Windows XP (blue, top) is still far ahead.  (Source: StatsCounter)
It's security panics and deja vu all over again for Microsoft

Windows 7 is arguably one of Microsoft's greatest achievements to date.  However, the company's OS is far from impervious, despite its free antivirus/malware protection suite, beefed up memory protections, and numerous security tweaks.

Today Microsoft will release an "out of band" emergency patch to try to lock out a highly dangerous new family of malware that's attacking Windows 7 via a vulnerability in .LNK files. 

LNK files are more commonly known as shortcuts.  You often see shortcuts on your desktop.  Clicking them runs programs in the Windows Shell (Microsoft's graphical layout in Windows and its supporting backend).  However, shortcuts can also be autorun, under certain conditions, when USB sticks or MP3 players newly connect to a machine.  The problem is that the autorun can be used to start an attack process, if the LNK file is a malicious attack package coordinator.

The vulnerability presumably existed in Windows for a long time, but only recently has been widely published in the hacking community.  Some hackers have created a new family of viruses called Sality, that are designed specially to exploit the vulnerability.

According to Microsoft's Malware Protection Center, "Sality is a highly virulent strain.  It is known to infect other files, making full removal after infection challenging, copy itself to removable media, disable security and then download other malware."

Christopher Budd, spokesman for the Microsoft Security Response Center, states, "We're able to confirm that, in the past few days, we've seen an increase in attempts to exploit the vulnerability.  We firmly believe that releasing the update out of band is the best thing to do to help protect our customers."

As of press time the patch does not appear to be live.  The Microsoft Knowledge Base article for the problem can be found here and a workaround lives here.

In other Windows 7 news, according to market researchers StatsCounter the new OS has finally surpassed its predecessor, Windows Vista.  Windows Vista never managed to pass Windows XP, the current market leader.  However, StatsCounter's numbers show Windows 7 market share soaring and Windows XP market share in an equally steady fall.

If those numbers give you deja vu, you're not going crazy.  Back in May, Janco Associates -- another market research troop -- reported that Windows 7 had passed Windows Vista internationally.  According to StatsCounter's research, though, this is the first month Windows 7 came out on top.  Its current numbers show Windows XP with 54.89 percent, Windows 7 with 19.56 percent, Windows Vista with 18.82 percent, Mac OS X with 5 percent, and Linux with 0.74 percent.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By bhieb on 8/2/2010 11:45:28 AM , Rating: 2
The vulnerability presumably existed in Windows for a long time, but only recently has been widely published in the hacking community.
This is a good sign. Essentially this is the modern equivalent of embedding code in the boot partition of a floppy. If the hackers are having to stoop back to this method (basically physical delivery), then maybe we are approaching an end to malware (of course as long as there are stupid people it will never go away completely).

RE: Desperate
By bupkus on 8/2/2010 12:56:05 PM , Rating: 2
of course as long as there are stupid people it will never go away completely
My first impression upon reading this quote was that MS should offer two different OS's, one for the casual user and one for the geek/professional/IT people. Then I remembered that that was already done in the Home vs Professional versions, differentiated by remote controls and I suppose other security vs convenience functionality.

RE: Desperate
By afkrotch on 8/4/2010 2:50:33 AM , Rating: 1
Home vs Professional. That's the dumbest crap ever. I have Win 7 Home Premium and Win 7 Pro. The options like language packs, which I figure would be in the Professional version, no longer there. Pro wasn't suppose to have the media center capabilities, no. It has it there by default.

I'm not sure what is suppose to be different between Home Premium and Professional. All I know is the professional shit I was expecting has since been removed.

"I want people to see my movies in the best formats possible. For [Paramount] to deny people who have Blu-ray sucks!" -- Movie Director Michael Bay

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki