
Reports have been circulating for a few weeks about a new attack, targeted at certain Windows users, that uses USB memory sticks to propagate. More details have now emerged, including confirmation from Microsoft that a new flaw exists and is being exploited.
The attack uses specially crafted shortcut (.lnk) files, which trick Windows into running code of an attacker’s choosing. Any Windows application that tries to display the shortcut’s icon—including Explorer—will cause exploitation, so even the mere act of browsing a directory with the malicious shortcuts is sufficient for a system to be exploited. Analysis suggests that the shortcuts are not improperly formed; rather they depend on a flaw in the way that Windows handles shortcuts to Control Panel icons.
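
As an added example (not code from the original post or from Microsoft), here is a defender's triage script for the mechanism described above: it walks each .lnk file's target ID list and flags shortcuts that point into Control Panel. The header layout and the two CLSIDs come from Microsoft's published shell link format, not from the post; the function names and the sample bytes are constructed for illustration.

```python
import struct
import uuid
from pathlib import Path

# Constants from Microsoft's published shell link (.lnk) format, not from the post.
LNK_CLSID = uuid.UUID("00021401-0000-0000-C000-000000000046").bytes_le
CONTROL_PANEL = uuid.UUID("21EC2020-3AEA-1069-A2DD-08002B30309D").bytes_le
HAS_ID_LIST = 0x1  # LinkFlags bit 0: a target ID list follows the 0x4C-byte header

def id_list_items(data):
    """Return the raw shell items in a .lnk file's target ID list ([] if absent)."""
    if len(data) < 0x4C or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        raise ValueError("not a shell link")
    if not struct.unpack_from("<I", data, 20)[0] & HAS_ID_LIST:
        return []
    pos, end = 0x4E, 0x4E + int.from_bytes(data[0x4C:0x4E], "little")
    if end > len(data):
        raise ValueError("truncated ID list")
    items = []
    while pos + 2 <= end:
        size = struct.unpack_from("<H", data, pos)[0]
        if size == 0:  # terminal entry closes the list
            break
        if size < 2 or pos + size > end:
            raise ValueError("malformed shell item")
        items.append(data[pos + 2:pos + size])
        pos += size
    return items

def targets_control_panel(data):
    """True when any shell item in the target path carries the Control Panel CLSID."""
    return any(CONTROL_PANEL in item for item in id_list_items(data))

def scan(root):
    """Yield (path, reason) for .lnk files that target Control Panel or fail to parse."""
    for path in Path(root).rglob("*.lnk"):
        try:
            if targets_control_panel(path.read_bytes()):
                yield path, "control-panel target"
        except (ValueError, OSError) as exc:
            yield path, f"unparsed: {exc}"

def build_sample(payloads):
    """Constructed input: a bare header plus an ID list holding the given payloads."""
    header = (b"\x4c\x00\x00\x00" + LNK_CLSID + struct.pack("<I", HAS_ID_LIST)).ljust(0x4C, b"\0")
    items = b"".join(struct.pack("<H", len(p) + 2) + p for p in payloads) + b"\0\0"
    return header + struct.pack("<H", len(items)) + items
```

Iterating over `scan()` on a mounted removable drive, from a system that does not render shortcut icons, lists the files worth a closer look. A hit is a lead for review rather than a verdict, since legitimate Control Panel shortcuts also match.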

Posted on 20 July 2010. Tags: Confirmed, Exploit, shortcut, Windows, ZeroDay