Shortcut worm affects all versions of Windows

Critical zero-day vulnerability looms large; no "shortcut" as yet for Windows XP SP2 machines.

Microsoft has recently issued a security advisory (2286198) validating the existence of a critical vulnerability...

in all supported versions of Windows. The latest one to be detected is the new zero-day 'shortcut worm' vulnerability which is exploited via USB storage devices, network shares or remote WebDAV shares. This exploit is possible if the USB device's contents can be viewed in Windows Explorer. The shortcut worm attack is executed when specially crafted shortcut (.lnk) files execute code as the shortcut's icon is loaded to the GUI. This was first discovered during the investigation of the Stuxnet rootkit used in targeted attacks that focused on Siemens SCADA systems. The shortcut file used in this case is detected as Exploit: W32/WormLink.A. Furthermore, the situation is now more critical as a publicly available proof of concept was posted to several exploit database sites over the weekend. Antivirus vendor F-Secure anticipates that virus writers will abuse shortcut worm-based attacks in the near future. As a preventive measure, it suggests that companies establish or review their USB Device Policy, as well as migrate from Windows XP Service Pack 2 to Windows XP Service Pack 3 as soon as possible.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Data breach incident management and recovery

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close