There is a really nasty Windows exploit making the rounds and with a fix from Microsoft still being worked on a lot of desktops are being left vulnerable. The exploit applies to all versions of Windows and uses the Windows shortcut link to enable the running of malicious DLL files.

From the Microsoft security advisory (2286198):

Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.

Now until Microsoft has a workable patch they have issued a workaround that basically blanks out your Start Menu shortcut icons but this isn’t something that a lot of people will be doing.

However Sophos has announced the immediate availability of a free protection tool – Windows Shortcut Exploit Protection Tool.

Block the Windows Shortcut Exploit

The Windows Shortcut Exploit is a zero-day vulnerability in all versions of Windows that allows a Windows shortcut link to run a malicious DLL file. Our free, easy-to-use tool blocks this exploit from running on your computer.

First, check your computer

Before downloading this free tool, first scan your computer with your existing anti-virus to check for and remove malware that may be present.

Stay protected from the exploit

After you have scanned your computer, download and install our Windows Shortcut Exploit Protection Tool. Our tool will notify you if you happen to browse to an exploited link and it will block the exploit from running.

They have also provided a short video outlining the exploit


Related posts:

  1. Free protection service coming with Windows Phone 7
  2. A free file encryption program from Sophos
  3. Software FYI: Windows Error Code Lookup Tool
  4. Windows 7 SP1 Beta – better check your free disk space
  5. [Win 7 Tip] More keyboard shortcut goodness – Media Player