Month: July 2010
-
AV vendors offer ‘free’ LNK protection
Aw, aren’t we lucky ( well Windows users at least ) – G-Data and Sophos have stepped forward with free protection for the .lnk vulnerability. G-Data’s solution LNK-Checker displays no-entry signs for iconss associated with exploits while other icons function as normal.However, users can still click on malicious LNK files and start the malware manually,…
-
Windows LNK vulnerability attracts more attacks
The unpatched LNK vulnerability in all versions of Windows ( from XP onwards ) is attracting a lot more attention from malicious code authors. A further 2 exploits have been detected in the wild. The 1st .lnk trojan Stuxnet, was very specific about it’s payload, attacking Siemens SCADA software specifically. But the effectiveness of .lnk…
-
New Microsoft Windows exploit the most dangerous of all
A new malicious attack has been spreading through the internet in the last few weeks, initially using USB memory sticks to propagate. Called, the LNK vulnerability, the attack uses specially crafted shortcut (.lnk) files, which trick Windows into running code of an attacker’s choosing. Any Windows application that tries to display the shortcut’s icon—including Explorer—will…
-
Security vendors – stop your advertising antics!
I always find it quite amusing ( and ironic ) when security vendors eat their own dog food – and get bitten. Here are a few gems: Earlier this year, Mcafee released a definition file which a Windows XP SP3 system file ( svchost.exe ) it thought was a threat resulting in thousands of machines…
-
Microsoft and anti-virus software
I’m subscribed to a Microsoft UK email newsletter that I get once a month. The latest one started as follows: As someone who is fully aware of the potential dangers that the internet poses to those who use it for banking, shopping and social networking, you must get a lot of people asking for your…
-
Security, the employee and business
Anyone who runs a business ( from small SMEs to large corporates ) these days, with computing facilities for their employees, faces a tough battle with network and computer security. The list of external malicious vectors are endless, including phishing attacks, spyware, viruses, DoS attacks and many others. The Mariposa virus, shut down in March…
