Client Testimonial
"Many IT service providers are more interested in selling hardware than providing a prompt and value adding service. This is not the case with Dual Layer." read more »
Harmony Capital
Client Login
 Quick Contact
Microsoft patches shortcut flaw
Category : General 03 Aug 2010 10:27 AM | Industry News
The Windows Shell exploit uses shortcuts to programs on the Windows desktop, which are enabled by. LNK files. Typically, the exploit is distributed through the use of infected USB drives but users don't have to click on the shortcuts for the malware to spread. The infected shortcut files drop malware in Windows systems.
Earlier, Microsoft had associated the exploit with the Stuxnet worm, and later with the Chymine family of trojan droppers. Microsoft is now saying that the "highly virulent" Sality.AT malware dropper has taken the lead in exploiting the Windows Shell flaw. Since Sality.AT is active in Brazil, that county has seen a greater number of attacks trying to exploit the flaw.
The flaw is particularly embarrassing for Microsoft as it affects both Windows Vista and Windows 7, operating systems that were supposedly redesigned to avoid flaws that affected the firm's older code. Clearly this goes to show that Vista and Windows 7 are little more than paint jobs over the rust on Windows XP. >/dd>
The vulnerability resides in the Windows LNK extension, which is used to create shortcuts on the operating system desktop or in select folders to make it easier to access files. The OS fails to adequately parse some parameters, making it possible to embed malicious code that is automatically executed when an icon is viewed. Hackers have been exploiting the flaw using worms that spread over USB drives. Microsoft has also warned that it is exploitable using local network file-sharing features or the WebDAV, or Web Distributed Authoring and Versioning, client service.
The editions that was provided the fix against the "Window shell" vulnerability include Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.