By Paul Thurrott
MS04-022 (KB 841873): Microsoft issued seven security fixes on July 13 as part of its regularly scheduled monthly security patch schedule. Two of these fixes, including MS04-022, are rated as ” critical” by the software giant.
According to Microsoft, Windows XP (both the original version and XP SP1), Windows 2000 SP2 through SP4 (all versions), and Windows NT 4.0 SP6a (Server and Workstation) with Internet Explorer 6 Service Pack 1 (SP1) are affected. They’re vulnerable to a newly-discovered security hole involving the Windows Task Scheduler’s “.job” file format that could be exploited by hackers to gain complete control of your system.
Task Scheduler is the feature in Windows used for automating repetitive tasks, such as backups, disk defragmentation, and the like. In most versions of Windows, the Task Scheduler is accessed through the Control Panel’s Scheduled Tasks applet.
When a new task is added through Scheduled Tasks, Task Scheduler creates a .job file in the Tasks folder, located in C:WindowsTasks by default on modern versions of Windows. However, it’s possible to create a specially designed .job file that could run a local or remote program. If the user executes such a file, or saves it to the Tasks folder, their system could be compromised.
Users running with administrative privileges are more at risk than limited account users. Any code executed by a .job file will run within the privilege context of the current user. Still, Microsoft recommends that all users of affected systems install this patch immediately, regardless of their account type. That’s our advice as well. To date, we haven’t heard of any major problems with this patch.