Sophos releases a free protection tool for the Windows shortcut exploit

Posted on July 27, 2010 by Steven Hodson | Leave a comment

There is a really nasty Windows exploit making the rounds and with a fix from Microsoft still being worked on a lot of desktops are being left vulnerable. The exploit applies to all versions of Windows and uses the Windows shortcut link to enable the running of malicious DLL files.

From the Microsoft security advisory (2286198):

Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.

Now until Microsoft has a workable patch they have issued a workaround that basically blanks out your Start Menu shortcut icons but this isn’t something that a lot of people will be doing.

However Sophos has announced the immediate availability of a free protection tool – Windows Shortcut Exploit Protection Tool.

Block the Windows Shortcut Exploit

The Windows Shortcut Exploit is a zero-day vulnerability in all versions of Windows that allows a Windows shortcut link to run a malicious DLL file. Our free, easy-to-use tool blocks this exploit from running on your computer.

First, check your computer

Before downloading this free tool, first scan your computer with your existing anti-virus to check for and remove malware that may be present.

Stay protected from the exploit

After you have scanned your computer, download and install our Windows Shortcut Exploit Protection Tool. Our tool will notify you if you happen to browse to an exploited link and it will block the exploit from running.

They have also provided a short video outlining the exploit

Related posts:

  1. It seems that Windows 7 might have a 64-bit security hole
  2. A free file encryption program from Sophos
  3. Free protection service coming with Windows Phone 7
  4. Keyboard shortcut heaven for Hotmail users
  5. [Win 7 Tip] More keyboard shortcut goodness – Media Player

About Steven Hodson

Just a cranky old fart who loves nothing better than blogging about Windows and Microsoft. I also write at my Shooting at Bubbles blog which is about Social MEdia.
This entry was posted in windows and tagged , , , . Bookmark the permalink.
Attention: If you are a Microsoft employee, or someone closely connected to the company, WinExtra accepts and posts anonymous comments. However the comments will be looked over as they are posted and any anonymous comments that are of a spam nature (at our discretion) will be removed.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>