LNK patch is out

03 Aug 2010

minute read

Authors

Costin Raiu

Just a short notice and heads-up to all – the Microsoft Security Bulletin MS10-046 which deals with the LNK vulnerability originally exploited by Stuxnet is now out. If you haven’t patched yet, you should. This is a critical vulnerability which is being actively exploited in the wild.

At the same time, we have received some reports which seem to indicate some problems with applying the MS10-046 patch: during the first reboot, the Explorer CPU usage goes skyhigh and it needs to be restarted to work.

Please let us know if you encounter issues applying this critical patch from Microsoft or if it just worked out fine.

Authors

Costin Raiu

LNK patch is out

Latest Posts

Latest Webinars

Reports

An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

LNK patch is out

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

TOP 10 unattributed APT mysteries

Applied YARA training Q&A

PuzzleMaker attacks with Chrome zero-day exploit chain

Looking at Big Threats Using Code Similarity. Part 1

YARA webinar follow up

In search of the Triangulation: triangle_check utility

How to train your Ghidra

OpenTIP, command line edition

Extracting type information from Go binaries

GReAT thoughts: Awesome IDA Pro plugins

Latest Posts

Threat landscape for industrial automation systems. Statistics for H1 2023

Free Download Manager backdoored – a possible supply chain attack on Linux machines

From Caribbean shores to your devices: analyzing Cuba ransomware

Evil Telegram doppelganger attacks Chinese users

Latest Webinars

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Cybersecurity risks in alternative energy sources

Securing ICS Workstations: Vulnerability Identification with OVAL

Unveiling the Darknet’s Malware-as-a-Service model

Reports

Focus on DroxiDat/SystemBC

APT trends report Q2 2023

Operation Triangulation: iOS devices targeted with previously unknown malware

Meet the GoldenJackal APT group. Don’t expect any howls

Subscribe to our weekly e-mails