New
#1
Thanks for the info Nem :)
More HereSophos has released a tool which can protect users against exploits that target a currently unpatched Windows vulnerability in the way shortcut icons are processed. The critical bug discovered earlier this month has already been adopted by a variety of malware families and that's only expected to increase.
The new vulnerability, identified as CVE-2010-2568 and confirmed by Microsoft in Security Advisory 2286198, was discovered being exploited in the wild by a highly sophisticated piece of malware earlier this month. The flaw stems from the way Windows processes control panel shortcut icons and allows an attacker to automatically execute malicious code by tricking users into opening a folder containing specially crafted LNK files.
Initially it was believed that the vulnerability could only be exploited from removable USB devices or network shares. However, Microsoft later revealed that attackers can also launch attacks leveraging it via websites or other document files.
I find it curious that a 3rd party company is releasing a "temporary" fix for a problem that clearly belongs to "Microsoft"
Sophos Releases LNK Exploit Protection Tool - Detects malicious shortcuts in real-time - SoftpediaConsidering that it might take two more weeks until an official patch for this bug is provided by Microsoft, as part of its regular monthly patch cycle, security engineers from Sophos have decided to create a small tool to protect users in the meantime.
Interesting... I'll await Microsoft's offering.
My two cents.
Interesting article about both of these fixes. Still a few bugs in their fix.
Anti-virus vendors offer free LNK protection - Update - The H Security: News and Features
I am using the MS fix for now.
Jim
Microsoft update (fix) for it:
Microsoft to release fix for Windows Shortcut flaw on Monday
Last edited by Airbot; 02 Aug 2010 at 13:40.