Users Scramble For ‘Critical’ Early Patch

Thousands are scrambling to install Microsoft’s patch for the critical .WMF vulnerability as more than 100 exploits act as a channel of attack for spyware, Trojans and adware.

Microsoft, veering from its monthly patch release schedule, issued the patch for the Windows metafile (.WMF) on Thursday. An advisory coming out of Redmond said the software giant was responding to ”strong customer sentiment” that the release be made available as soon as possible.

The security patch can be found here.

This isn’t the first patch issued for the .WMF flaw. It’s just the first one from Microsoft. Several third-party patches had already been released, leaving many IT managers in a quandry as to whether to patch their systems with what was available or wait for an official Microsoft release.

”This is a move Microsoft had to make,” says Steve Sundermeier, a vice president with security company, Central Command, which is based in Medina, Ohio. ”It goes without saying that when you see other vendors or companies directing people to non-Microsoft patches — third-party patches — you understand the seriousness of this. Microsoft had to take note and say, ‘Hey, it’s not a good thing when other people are patching our stuff for us.”

According to Chris Andrew, vice president of security technologies at PatchLink, which is based in Scottsdale, Az., there are varying reports about how many computers have been affected by the exploits. Estimates, he notes, range from a quarter of a million computers to a full million.

”In the world of Microsoft, where there’s hundreds of millions of computers, that’s a relatively small percentage,” says Andrew. ”But don’t forget this isn’t over yet. The reality is you’re not safe until you’ve patched every single computer. In this case, there is no time to waste. It’s an average of 30 days to get a single, critical security patch rolled out… This could hang on and cause problems for the next month or even longer.”

Sundermeier agrees that IT managers shouldn’t be wasting time in getting the patch downloaded, tested and installed. But he warns that it’s critical not to leave out a step — testing.

”If you’re a large corporation, you need to test all patches,” he adds. ”If you have a lot of proprietary software, yes, you need to do the testing. The last thing you want to do is to make things worse.”

The exploit hit the Wild last week, infecting fully patched machines. It’s being called a zero-day attack because the exploit code was released the same day the vulnerability was identified. Sundermeier points out that the security community hadn’t even known about the bug until the exploit hit the Wild.

Malicious code on a number of Web sites exploited the vulnerability on users’ machines. At this point, according to Sundermeier, mass-mailing emails have not been sent out directing people to the malicious sites. Users who have been hit have unfortunately stumbled upon the sites.

The Web sites involved download a malicious .WMF file onto the user’s computer. That file exploits the vulnerability, and then opens a backdoor and downloads a keylogger. If the user is logged in to her machine as an administrator, then the attacker could have complete control of the machine.

Vulnerable operating systems include several Windows Server 2003 editions: Datacenter Edition, Enterprise Edition, Standard Edition and Web Edition. Windows XP Home Edition also is at risk, along with Windows XP Professional.

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020