Secure IT Foundation

Mild panic over Windows Shortcut vulnerability

Posted on: July 27, 2010

If you have been reading tech news stories about the ‘Zero Day’ Windows shortcut vulnerability becoming a serious mainstream risk, unusually they are correct. There is an unpatched vulnerability in all recent versions of Windows (XP, Vista and 7) which uses Windows to misread  a shortcut ‘.lnk’ file to take over your computer.  Now there is also an email based virus that uses this vulnerability to infect your computer. So is there reason to panic?

Normally Level 4 secured computers would be unaffected by most vulnerabilities as they are discovered due to configuration or mitigation security strategies. In this case the only current active protection is based on Anti Virus software, and it may not be enough to prevent an attack on its own. An English Anti Virus company has released a stand alone program that offers additional protection for Level 4 users and we are recommending its use until an official patch is released by Microsoft.

You can find out more about the tool made by Sophos here or download it directly here

Security Brad

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


  • None
  • Coldwind: Couldn't agree more. I downloaded a piece of software just now, disabled the 'toolbar' 'offer' (which fortunately for me has become a reflex); but co
  • ModemJunki: I only discovered this today - I had updated the firmware to the latest out of habit, and I could STILL access my TrendNet cams on the local network w
  • PrentOS – a Simple Secure Computer « Secure IT Foundation: [...] September 2010 we said it was time for a brand new start to computing, well it is starting to take shape… [...]

Categories

%d bloggers like this: