Microsoft issues emergency flaw fix

SAN FRANCISCO - Microsoft issued an emergency patch Monday to correct a critical Windows bug that had allowed attackers to gain control of infected machines via program shortcuts.

Microsoft usually issues patches to fix software flaws just once a month. But the seriousness of the bug forced the software giant to issue an emergency patch outside the normal schedule.

Widely publicized last month, the flaw was used to attack industrial control systems in manufacturing and utility control systems via the so-called Stuxnet worm.

Exploiting the way Windows creates shortcuts to often-used application and software, the flaw was used to automatically execute malware that gave control of the computer over to attackers.

However, computers still running Windows XP Service Pack 2 or Windows 2000 were not included in Monday’s fix, because Microsoft, as previously announced, has stopped supporting those operating systems.