Today Microsoft updated the security advisory that was initially published last Friday (July 16), stating that they’re working on issuing a security patch for this vulnerability. Earlier, malware exploiting this issue was found in the wild. Researchers at McAfee Labs have been busy tracking this issue over the weekend and we have come up with some more quick Q&A’s. 1. What
Microsoft 0day: Malformed Shortcut Vulnerability
Today Microsoft updated it’s security advisory, which was initially published last Friday (16th), stating that they’re working on issuing a security patch for this hole. Earlier, malware exploiting this issue was found in the wild. The researchers @ McAfee Labs have been busy tracking this issue over the weekend and we have come up with some more quick Q&A’s for
Code for Shortcut Zero-Day Exploit is Public
If you’re not following Mikko’s Twitter feed, you may have missed yesterday’s news that public proof of concept exploit code for the Windows shortcut (.lnk) vulnerability has been released on exploit-db.com. This further escalates the danger of the shortcut vulnerability. So far, only the authors of the Stuxnet rootkit have utilized the flaw, but now there’s
Shortcut to Malware and Phishing
URL shorteners are a relatively young category of Internet service. As many social services on the Internet like Twitter & Co. have a character limitation for messages, these URL shorteners became interesting for sharing links. For example, you’d loose 64 characters if you’d try to link to the Wikipedia article about URL shorteners directly: http://en.wikipedia.org/wiki/URL_shortening. But with an URL shortener
Espionage Attack Uses LNK Shortcut Files
There’s a possible new zero day in the wild which is being used in targeted espionage attacks. Belorussian antivirus company, VirusBlokAda, recently published news about two new rootkit samples, and quite interestingly, the infection vector is a USB storage device and Windows shortcut [.LNK] files. The rootkit uses a LNK file that infects the operating system when viewed by an icon rendering file explorer such as Windows
