Later today, Microsoft expects to release a security patch to address a zero-day exploit that hackers have used to target a feature known as the Windows Shell, taking aim at the way it processes shortcut files.
For Microsoft, today’s release breaks from its normal monthly security cycle, suggesting that the vulnerability is serious enough to merit more immediate action. eSecurity Planet has the details.
Microsoft gave advance notice Friday that it plans to release an out-of-cycle security patch on Monday aimed at fixing a critical zero-day hole in all supported versions of Windows that is already being exploited.
The exploit takes advantage of a hole in the way a component called the Windows Shell processes some shortcut files. The bug first surfaced in the wild in mid-July, according to a Security Advisory issued by Microsoft (NASDAQ: MSFT) on July 16.