A few days ago, on July 16th, Microsoft published a security advisory:
“The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed.”
Translation: any folder you open with a .lnk file (you know, that nice shortcuts we all have in our desktop) can execute a file without asking for permission.
Yes, scary, I know.
And the main problem is that this is not a vulnerability per se, but a feature. And it is included in all Windows versions, even those that are not supported anymore. And as it has to be fixed in each and every version of Windows, it will take more time to develop and test the patch 🙁
Microsoft already had a workaround, and now has published a user-friendly version of it here. One of the side-effects when applying the patch is that you will “lose” the image of some of your icons. As an example, take a look at my Quick Launch bar after I’ve applied the patch:
Well, this doesn’t look nice but it is better than being infected. And, at least, you can see what it is when you put the mouse pointer over it:
So now, please, everybody using Windows has to apply the workaround, it is mandatory, as it is a matter of time to start seeing new malware using this technique to spread infections worldwide.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
2 comments