ComSoc Community
Welcome, Guest. Please login or register.
February 07, 2012, 06:57:27 PM

Login with username, password and session length
ComSoc Community  |  SIG Boards  |  Windows SIG  |  Topic: Windows Shortcut Exploit « previous next »
Pages: [1] Go Down Print
Author Topic: Windows Shortcut Exploit  (Read 873 times)
Mr.Victor
Global Moderator
Jr. Poster
****

Karma: +7/-0
Offline Offline

Posts: 66

Club Member since 1992. Past President(98-01)
« on: July 30, 2010, 12:24:33 PM »
The Windows Shortcut Exploit, also known as CPLINK, is a zero-day vulnerability in all versions of Windows that allows a Windows shortcut link, known as an .lnk file, to run a malicious DLL file. The dangerous shortcut links can also be embedded on a website or hidden within documents.

This exploit works when you open a device, network share or point carrying an infection—you don't need to click on anything for the exploit to work, even if you have AutoPlay and AutoRun disabled. The exploit appears to be particularly effective with PDF file shorcuts.

Simply opening a Windows directory using Internet Explorer (either the desktop utility or the web browser) can allow the malicious shortcut file to launch its attack—a user does not have to open the shortcut file itself to be compromised. The spread of malicious shortcut files has been especially effective through infected USB memory sticks, although the they can also be distributed through fraudulent e-mails and web sites.

Once the malicious shortcut file compromises a computer, the computer can be accessed by hackers from the Internet.  Hackers can then install additional software to remotely control the computer, remove data from the computer, and steal passwords.

Microsoft has discovered that Windows-based SCADA (supervisory control and data acquisition) as well as plant and manufacturing computers running Microsoft Windows are being specifically targeted by hackers exploiting this vulnerability.  The attacks are intended to deliberately compromise, disrupt, and damage power utility and supplier control systems.


Microsoft Patch now available via Updates !    http://go.microsoft.com/fwlink/?LinkID=40747

Microsoft Bulletin with security fix download for specific Windows versions:  
http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx


Microsoft Advisory -
http://www.microsoft.com/technet/security/advisory/2286198.mspx

Tool to find and remove this exploit;
http://www.sophos.com/products/free-tools/sophos-windows-shortcut-exploit-protection-tool.html


More details on this exploit ;

http://www.itworld.com/print/114561

http://www.sophos.com/security/topic/shortcut.html

http://www.computerworld.com/s/article/9179339/Windows_shortcut_attack_code_goes_public
« Last Edit: August 04, 2010, 11:56:00 AM by Mr.Victor » Logged
Pages: [1] Go Up Print 
ComSoc Community  |  SIG Boards  |  Windows SIG  |  Topic: Windows Shortcut Exploit « previous next »
Jump to:  


Navigation
» News » Meeting Location » Links » FAQs
» Photo Gallery
» Search Forums » Forum Help

Become a member of ComSoc today! Use our Online Membership Application.

Recent Topics

Users Online
11 Guests, 0 Users


[Site Statistics]

The WNY Computer Society
is a proud member of
 apcug logo


O'Reilly Logo

Informit



Adobe Reader Get Firefox Get Thunderbird Get AVG Ubuntu Kubuntu


   

Registration Agreement

© 1998-2012, WNY Computer Society, All Rights Reserved
Site hosted, designed & custom programmed by C&S Services.
Powered by Sphinx | Sphinx © 2005-2012, DynSCS
Forums: Powered by SMF 1.1.15 | SMF © 2006-20011, Simple Machines