Microsoft confirms new exploit involving Windows Shell

Microsoft on Friday issued a Security Advisory stating that it is investigating limited attempts to exploit a vulnerability in the Windows Shell.

The zero-day vulnerability was disclosed last week by Belorussian antivirus company, VirusBlokAda. It takes advantage of Windows shortcut files by making them execute automatically when accessed from a USB drive via Windows Explorer.

The Stuxnet malware, which is believed to have been circulating for about a month, attempts to exploit this vulnerability.

Stuxnet "takes advantage of specially-crafted shortcut files (also known as .lnk files) placed on USB drives to automatically execute malware as soon as the .lnk file is read by the operating system," explains Microsoft on its Malware Protection Center blog. "In other words, simply browsing to the removable media drive using an application that displays shortcut icons (like Windows Explorer) runs the malware without any additional user interaction."

Article: Information Week

No Comments Yet.

Leave a comment