Sophos Releases free tool to mitigate Microsoft’s .lnk vulnerabilityJuly 29th, 2010 by paulj

Sophos AntiVirus recently announced a free tool to mitigate the impact of a very serious and potentially catastrophic vulnerability in all current versions of Windows (and going back to at least Windows 2000, if not farther). The security hole is so severe, simply browsing anything that includes a .lnk (a webpage, a document, a file folder, a usb drive, a network share) is enough to execute the malicious code. You don’t have to open or execute anything at all to be infected.

At this time there is still no fix from Microsoft, but they have released a workaround as well as a quick-fix tool which will implement it for you; however, this solution disables or limits .lnk parsing, so most will find this fix to be a huge nuisance;  It will turn most of your icons into ambiguous white squares.

So, with the IT Security world in minor panic, Sophos comes to our rescue with the following tool, which specifically promises to intercept malicious code if a malicious .lnk comes our way:  http://www.sophos.com/pressoffice/news/articles/2010/07/shortcut.html

See here for microsoft’s temporary workaround solution (plus pics of what your icons will look like) : http://support.microsoft.com/kb/2286198

I’ll be installing the Sophos tool on my main machine shortly. Msg me or leave some comments if you’re curious about how it goes.

- Paul

Tags: .lnk, 2000, 2003, 2008, 2k3, 2k8, 7, anti, danger, dangerous, desktop, dropper, exploit, fail, free, help, infect, it, malicious, malware, microsoft, protect, protection, Security, server, shortcut, shortcuts, sophos, sploit, tools, trojan, virus, vuln, vulnerability, Win7, windows, worm, xp

This entry was posted on Thursday, July 29th, 2010 at 6:39 pm and is filed under Misc, Security, Vista, Windows 2008, Windows 7. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.