Hardware 2.0

Adrian Kingsley-Hughes

UPDATE: Should you be worried about the Windows "LNK" vulnerability?

By Adrian Kingsley-Hughes | July 21, 2010, 4:48am PDT

Summary: I’m getting a lot of emails about the recently discovered LNK exploit which makes nefarious use of the way Microsoft parses links and shortcut icons. Is it a big deal? Should you be worried? Should you just switch off your PC, unplug it and start using an abacus (or Mac? … or Linux?)?

… breathe … breathe … oh, and DON’T PANIC!

First, some information as released by Microsoft.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.

Here’s a description of the vulnerability:

What causes this threat?
When attempting to load the icon of a shortcut, the Windows Shell does not correctly validate specific parameters of the shortcut.

In other words, a design flaw.

This vulnerability is present in 32-bit and 64-bit flavors of Windows XP, Server 2003, Vista, Server 2008, Windows 7 (including beta Service Pack 1) and Server 2008 R2 (including beta Service Pack 1). As you’d expect, Mac and Linux are unaffected.

Microsoft is working on an update, but at present there’s no timeline for when a patch will be released.

While attacks using this flaw do seem to be sophisticated, they are at present very limited in nature. It looks like someone crafted this attack for a specific job. The good news from that is that this vulnerability isn’t in wide circulation. So while it could be loaded onto a USB flash drive or CD, or even leveraged remotely via network shares and WebDAV, the chances of you being affected by this vulnerability are so close to zero as to be zero.

On top of that, by now most of the top antivirus providers will have updated their signature files in order to be able to detect and defend against this nasty.

Also, for those of you who might be ultra paranoid, Microsoft has published workarounds which include stripping all icons from shortcuts (something which I think will have a massive negative effect on productivity) and disabling the WebDAV client service (check out the Workarounds section of Microsoft advisory KB228698). For 99.9% of users out there, this should be unnecessary (especially if you run up-to-date antivirus). You can also choose to block LNK and PIF files at your borders if you have a firewall that accepts rules, which will provide protection from remote attacks.
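The two host-side workarounds mentioned above (no shortcut icons, no WebDAV client) are easy to get wrong or to forget to revert, so here is an added example, not code from the article or from Microsoft, that audits whether they are in place and can apply them with a backup of the original values. The registry paths (the IconHandler key under the lnkfile and piffile classes) and the WebClient service name are the ones Microsoft’s published workaround uses; the function names, output layout and backup-file location are this example’s own choices.

```powershell
# Added example, not code from the article or from Microsoft. It audits, and with
# -Apply puts in place, the two host-side workarounds the article mentions for the
# LNK icon-parsing flaw: stop rendering shortcut icons through the shell icon
# handler, and disable the WebDAV client service. The registry paths and the
# WebClient service name are the ones Microsoft's advisory workaround uses; the
# function names and the backup-file location are this example's own choices.
# Run from an elevated PowerShell prompt. Without -Apply it only reports.
param([switch]$Apply)

# Shortcut file classes whose (Default) IconHandler CLSID the workaround clears.
$IconHandlerKeys = @(
    'Registry::HKEY_CLASSES_ROOT\lnkfile\shellex\IconHandler',
    'Registry::HKEY_CLASSES_ROOT\piffile\shellex\IconHandler'
)

function Get-LnkWorkaroundStatus {
    # Reports whether each workaround is currently in effect on this host.
    $handlers = foreach ($key in $IconHandlerKeys) {
        $value = $null
        if (Test-Path -Path $key) { $value = (Get-Item -Path $key).GetValue('') }
        [pscustomobject]@{
            Key           = $key
            IconHandler   = $value
            # An empty or missing (Default) value means Explorer no longer loads the
            # icon handler for this class, i.e. the icon workaround is applied.
            WorkaroundSet = [string]::IsNullOrEmpty($value)
        }
    }
    $svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
    $svcStatus = if ($svc) { [string]$svc.Status } else { 'NotInstalled' }
    # A missing or stopped WebClient service counts as the WebDAV workaround being in place.
    $webDavOff = (-not $svc) -or ($svc.Status -ne 'Running')
    [pscustomobject]@{
        IconHandlers    = $handlers
        WebClientStatus = $svcStatus
        WebDavDisabled  = $webDavOff
    }
}

function Set-LnkWorkaround {
    # Applies both workarounds, saving the current CLSIDs first so they can be
    # restored once the real patch is installed.
    $backup = Join-Path -Path $env:TEMP -ChildPath 'lnk-iconhandler-backup.txt'
    foreach ($key in $IconHandlerKeys) {
        if (Test-Path -Path $key) {
            "$key=$((Get-Item -Path $key).GetValue(''))" | Add-Content -Path $backup
            # Clearing (Default) disables icon display for this shortcut type.
            Set-ItemProperty -Path $key -Name '(default)' -Value ''
        }
    }
    $svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
    if ($svc) {
        # Stop and disable the WebDAV client so shortcuts cannot be pulled from WebDAV shares.
        Stop-Service -Name WebClient -Force
        Set-Service -Name WebClient -StartupType Disabled
    }
    Write-Output "Previous icon handler values saved to $backup."
    Write-Output "Restart Explorer (or log off and on) for the icon change to take effect."
}

$status = Get-LnkWorkaroundStatus
$status.IconHandlers | Format-Table -AutoSize
Write-Output "WebClient service: $($status.WebClientStatus) (WebDAV workaround applied: $($status.WebDavDisabled))"
if ($Apply) {
    Set-LnkWorkaround
    (Get-LnkWorkaroundStatus).IconHandlers | Format-Table -AutoSize
}
```

Run the script as-is to audit a machine; add `-Apply` to make the changes. Once applied, every shortcut on the desktop and Start menu shows a blank icon (the productivity hit the article warns about), and the saved CLSIDs let you put them back after the patch ships. Neither workaround covers the USB or CD delivery route the article describes, and neither replaces the border firewall rule for LNK and PIF files or the eventual patch.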

For those wanting to know more, WebSense has a technical analysis here.

So, should you be worried? No.

[UPDATE: So, should you be worried ... ? Well, a little. These attacks have spread over the past few days, but still remain relatively low in number. However, if you are concerned, or feel that your antivirus software doesn't offer protection, it is advisable that you disable the WebDAV client service, just to be safe.]


Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

57 Comments

RE: Should you be worried about the Windows
achu68 11th Aug 2010
Dear All,
I downloaded the Windows update but I'm not sure I'm safe concerning this issue. Also I can see the "IconHandler" value is still there :) How do I check the update is working?

Regards
0 Votes
There is an A bomb in Times Square
kirovs@... 21st Jul 2010
Could it explode? Yes. But should you be worried? Definitely not! You do not go there except on weekends and Christmas? And I am sure by now our most competent boys in blue would have poured some water on the bomb so it does not overheat and explode.
0 Votes
@itkonl You sir are a thief! Anyone who takes over someone else's site like this is stealing. What you are doing is not what this site is intended for. Not only that, but since you are stealing this property from this website, it tells me that you are dishonest. Therefore, I would NEVER buy anything from you. You have already proven you are a CROOK!!! xbox180
0 Votes
Not worried, however...
Michael Kelly 21st Jul 2010
I am glad I am informed. I'd rather know about it now than have it kept secret until a patch is available. At least then I have a fighting chance to protect myself and others for whom I am responsible.
0 Votes
Cue Dietrich...
Wolfie2K3 21st Jul 2010
"The world is coming to an end if you don't switch to Linux NOW! Linux is the ONLY software that CAN and WILL save your soul from the evil empire!" Blah blah blah..

Good info Adrian, Thanks.. I can rest easy.
0 Votes
Thanks for filling in Wolfie!
Dietrich T. Schmitz, ~ Your Linux Advocate Updated - 21st Jul 2010
@Wolfie2K3
Semper Fi
0 Votes
@Wolfie2K3 I have heard that since the mid-90's. I have yet to see a Linux PC in any home but mine (and at a few friends working in IT).
0 Votes
Linux in the home...
Raymond Danner 21st Jul 2010
@mtifo@... "I [have] heard that since the mid-90's. I have yet to see a Linux PC in any home but mine (and a at a few friends working in IT)."

I too have been working with Linux on and off since the mid-1990s, and there is good reason for this lack of penetration of the home market, quite aside from Microsoft's constant assaults on the Linux community (Linspire and other distros they've directly attacked, et al.). The fact that far too much hardware doesn't have downloadable drivers that just work is a huge minus to non-technically-minded people (i.e. typical computer users).

I'm a computer technician, and I've yet to get my RTL8192SE-VA2 wifi card to work in either 32-bit or 64-bit Linux Mint 9 (which, since it's based on the Ubuntu codebase, is of huge concern). I've tried four versions of the driver, and compiling has been quick, but it hasn't worked, even though I'm following the instructions to the letter. That sort of problem is something the masses simply can't (or won't) bother with, and I can't say I blame them.
0 Votes
Linux in the home
pgit 21st Jul 2010
@mtifo@... I have over a dozen home users of Linux I service. Most of them got frustrated with Windows getting gunked up over and over when the children lay hands on it.

A few got a conscience and switched when I explained Microsoft licensing to them (i.e. why you are having trouble installing XP with your brother-in-law's disk and getting it validated).
0 Votes
@mtifo@ and @Raymond Danner@ ... Maybe you don't consider this a PC in the home -- but a lot of laptops nowadays are shipping with "quick boots" built in -- e.g. HP laptops now have Splashtop in there, standard. Boots in 2 - 3 seconds, and you're using a Linux distro for mail, web, skype, music, video, etc.
0 Votes
RE: Should you be worried about the Windows
CobraA1 Updated - 22nd Jul 2010
@daboochmeister:

I see some problems with those "quick boot" environments:

- The one on my new netbook has icons that are way too abstract for most people to understand. The UI might win an art award, but is not user friendly.

- The dark theme on mine is questionable for every day use.

- Most important: It's about as clamped down as you can get. There's no readily available way to upgrade it, and no way to add apps that might better fit your needs. If you don't like the built-in apps, you might as well turn it off.

Despite having a Linux base, it's not very open.

Not being able to upgrade easily is a big security concern, as we all know that for best security you want to keep things up to date.
0 Votes
Most won't know it's Linux and wouldn't care
Patanjali Updated - 22nd Jul 2010
@daboochmeister
Splashtop takes 17s to load on my Vaio P Series compared to Win 7 at 35s. Hardly instant-on, and hardly worth the time saved when it's so restricted compared to a real OS. If I want 'instant-on', I just run Win 7 in sleep and it starts in 3s, and still lasts all day with intermittent use (as I have noticed most who use their iPods do) on one battery.

The thing is that such black box OSs are hardly going to give Linux brand recognition and are only as valid as long as the computer lasts, if they haven't been ditched much earlier because they didn't save enough time to bother with.

I didn't know Splashtop was Linux, as it could have been dedicated browser app/OS. The original P Series I had, had a different Linux 'instant-on' regime that proved just as slow to start up, so it got blown away with Vista when I upgraded it to Win 7.
0 Votes
narrow minded
bezoeker 26th Jul 2010
@Wolfie2K3

Yes, we should stand firm against these obsessed fanatics full of prejudgment against good quality software. Incredible that people are so narrow minded.

On the contrary, we know that the universe will not collapse, but still the earth may stop turning, or at least the world as we know it will cease to exist, if we don't pick, out of a few hundred possibilities, the product of that Redmond company.

Some people may think that it is sufficient to use it in two places, for our administration at the office where our employer put it on our computer and on our home computer where we had to buy it anyway when the thing was bought. But more is needed. People should not underestimate the vital importance of using it nowhere. Only so can our world survive.

For this we can happily count on a great company and moral reference like MS that was ready to license its great Win XP OS for just a few dollars on Netbooks, just to protect us against the dangers of that open OS.

What can we do anyway with that "open" OS? And do you ever hear users of MS products complaining that Linux is dominating the world of supercomputing, and is so strong in many other areas?
0 Votes
@CobraA1

IMPORTANT!!!
I think it is important to correct this potentially dangerous claim about a bootdisk:

"Not being able to upgrade easily is a big security concern, as we all know that for best security you want to keep things up to date."

If you boot from a bootdisk and then go directly to your home banking site, you will be at least 10 times safer than if you use the hard-disk based computer that you normally use to visit the Internet. Even though that bootdisk does not have the latest version and patches for every piece of software on it.

It is very improbable that your system would get infected while visiting your home banking site. To be infected, malware has to be inserted before you burn the CD. At this moment that risk is very improbable.

Follow this (Dutch) link to find out how the criminals proceed, http://www.tijd.be/nieuws/ondernemingen_financien/De_kraak_van_de_eeuw-_uw_onlinebankrekening.8942619-3095.art?highlight=internet%20criminelen or read any other information about the subject.
0 Votes
RE: Should you be worried about the Windows
Loverock Davidson 21st Jul 2010
Nope not worried at all. This vulnerability is so limited in scope it would be extremely hard to exploit. Microsoft will be issuing a fix soon enough which will make this whole thing non-existent. No need to even discuss it any further.
0 Votes
@Loverock Davidson
ROFL! All is well. You can eat cake instead of bread. Not worried, not worried, not worried....
And I am glad at least one person knows the scope. Could you enlighten us Loverock? What tools did you use? You know you can make money by selling those to MS or Symantec?
0 Votes
@Loverock Davidson - You are as dangerous as the people that make this malware, trying to smooth over anything that makes your beloved Microsoft look less than perfect. Be objective at least occasionally and people might take you seriously.

This design flaw could execute any program, so assuming that others know about it, which I'm sure is true, there will be new payloads besides the original Siemens specific one. The fact that AV sigs now cover the original is pretty meaningless.

http://blog.didierstevens.com/programs/ariad/

Read very very carefully before installing.
0 Votes
RE: Should you be worried about the Windows
PollyProteus Updated - 21st Jul 2010
@Loverock Davidson - Dude, you have to be a Linux or Mac user playing at being a "koolaid drinking" Microsoft supporter.

Seriously, nobody can be this stupid/arrogant in real life (except maybe some conspicuous Linux advocates), give it up.

ZDNet, please please please, institute a "block user" ability? I beg you!!!!
0 Votes
You are new ZDNet readers, are you?
Patanjali 22nd Jul 2010
@PollyProteus
Anyone who has been here for any length of time knows that LD is all tongue-in-cheek.
0 Votes
Read this
kirovs@... 21st Jul 2010
Much better article. See who is worried, perhaps this will give you some perspective.
http://www.computerworld.com/s/article/9179358/Experts_predict_extensive_attacks_of_Windows_zero_day
0 Votes
Summary of that article
DevJonny 21st Jul 2010
@kirovs@...

Key points from that article are:

"Although we have not observed the vulnerability exploited beyond the original targeted attacks, we believe wide-scale exploitation is only a matter of time."

As well as :

The Internet Storm Center (ISC) pushed its Infocon threat indicator to "Yellow," a rare move, while Symantec also bumped up the status of its ThreatCon barometer to "Elevated." Today's shift by ISC was the first Yellow since July 2009...."

So yes this could be a big deal if it's adapted before MS can create and send out a patch!

Not a lot anyone can do other that wait and see which happens first!
0 Votes
@kirovs@...
Conficker worm?

Didn't that turn out to be a dud?
0 Votes
@goff256
Some dud, eh?
"Intramar, the French Navy computer network, was infected with Conficker on 15 January 2009. The network was subsequently quarantined, forcing aircraft at several airbases to be grounded because their flight plans could not be downloaded.
The United Kingdom Ministry of Defence reported that some of its major systems and desktops were infected. The worm has spread across administrative offices, NavyStar/N* desktops aboard various Royal Navy warships and Royal Navy submarines, and hospitals across the city of Sheffield reported infection of over 800 computers.
On 2 February 2009, the Bundeswehr, the unified armed forces of the Federal Republic of Germany reported that about one hundred of their computers were infected.
An infection of Manchester City Council's IT system caused an estimated £1.5m worth of disruption in February 2009. USB flash drives have since been banned, as this was believed to be the vector for the initial infection.
A memo from the British Director of Parliamentary ICT informed the users of the House of Commons on 24 March 2009 that it had been infected with the worm. The memo, which was subsequently leaked, called for users to avoid connecting any unauthorized equipment to the network.
In January 2010, the Greater Manchester Police computer network was infected, leading to its disconnection for three days from the Police National Computer as a precautionary measure; during that time, officers had to ask other forces to run routine checks on vehicles......"
It goes on....
0 Votes
@kirovs@...
Microsoft provided a patch that would have mitigated the problem back in October 2008. It was even an out of band patch - that is, it wasn't released as part of the regular Patch Tuesday event. You'd think that if Microsoft goes out of their way to release a patch like that, someone would realize that it's serious and it would garner special attention from IT people everywhere.

But no. The groups you mentioned didn't heed the warning, didn't get the patch and consequently got infected.
0 Votes
@goff256 Wolfie2K3
Facts are facts. And I was pointing to what this "dud" could do/did.
0 Votes
There's a lot of 'whistling in the dark' going on.
Dietrich T. Schmitz, ~ Your Linux Advocate 21st Jul 2010
nt
0 Votes
Yeah the fix is interesting,
Snooki_smoosh_smoosh 21st Jul 2010
It kills the graphical representation of the users icons. And since users identify their programs and files by the icon, not having one would certainly throw them for a loop, and have a huge increase in support calls.
0 Votes
Quick correction:

You wrote "The good news from that is that this vulnerability isn't in wide circulation." The vulnerability is in fact on every copy of "32-bit and 64-bit flavors of Windows XP, Server 2003, Vista, Server 2008, Windows 7 (including beta Service Pack 1) and Server 2008 R2 (including beta Service Pack 1)."

I think you meant to say the exploit isn't in wide circulation.
0 Votes
@msalzberg

...at the moment. But if more exploits appear before a patch for this vulnerability does, then this could become a very serious issue.
0 Votes
@DevJonny

That's not my point: I just get annoyed when people who write for tech blogs confuse vulnerabilities with exploits.

As for your point: On the other hand, if a patch appears before there are more exploits, it won't become a serious issue. It's a big "if" either way.
0 Votes
You can lead a horse to water...
Wolfie2K3 21st Jul 2010
@msalzberg
But you can't make him drink. Microsoft can provide a patch, but if people don't install said patch...
0 Votes
That's not my point: I just get annoyed when people who write for tech blogs confuse vulnerabilities with exploits.

@msalzberg
That's typically what the Redmond crowd does with Linux. Discredit Linux security on tech blogs with a bunch of FUD in order to dissuade the weak-minded into looking at alternatives to windoze.

That's what needs to be counteracted here.
0 Votes
Well, then, by Apple Fanbois' logic...
SonofaSailor 21st Jul 2010
This vulnerability doesn't really exist
0 Votes
No, no, no. You did it wrong.
Cylon Centurion 21st Jul 2010
@SonofaSailor

Do it like this:

Windows isn't the only OS to do this. ALL operating systems have this flaw. :)
0 Votes
They do?
ahh so 21st Jul 2010
@NStalnecker

Please cite.
0 Votes
It's a joke.
ye 22nd Jul 2010
@ahh so: nt
0 Votes
You sure?
ahh so 22nd Jul 2010
You never can be too sure with Nicholas...

;)
- and I bet you'll infect a lot of Windows systems.

Download ISO, burn to disc, Windows reads disk files, gotcha.

Of course the trick is to sneak the file onto a Linux in the first place, but it isn't unknown to be offered the latest cool Linux distro, without provenance.

Distrusting distros is one of my hobby-horse topics now.
0 Votes
RE: Should you be worried about the Windows
Michael Kelly 21st Jul 2010
@Robert Carnegie 2009

A healthy distrust of your software provider is a good thing. It keeps both of you alert.
0 Votes
@Robert Carnegie 2009
While not impossible, that seems a very unlikely scenario:
1. As you mentioned you need to sneak it in.
2. Most people would just boot from it. Nothing would get infected.
3. I have yet to observe an official CD distro to have any kind of malicious code in it. Please correct me if I am wrong.
0 Votes
Of course the trick is to sneak the file onto a Linux in the first place, but it isn't unknown to be offered the latest cool Linux distro, without provenance.

@Robert Carnegie 2009
How so? Has that happened to you? Or is this more science fiction?
0 Votes
Are you CRAZY, yes you should be worried about this. This may turn out to dwarf Conficker. We have been working on this all night and are popping box after box with this exploit. At least two major penetration testing tools now have publicly available exploit code for this and there are new ways to embed this in a Word Doc, or Picture file coming. The author of this article is leading people astray. Trust me when I tell you that the computer security community is VERY worried about this. Ask US-CERT or NIST, or any of the AV providers. If there is no patch and I mean like within a day or so, this is going to get really ugly. Last night we figured out how to p0wn a whole network in minutes and we are on the good guys team. Think what the bad guys are dreaming up.
0 Votes

@Doublewood: This may turn out to dwarf Conficker.

The impact of Mac malware almost dwarfs the impact of Conficker.
0 Votes
Here is what I find interesting. From what I have read, it appears this defect has existed since W2K. That's quite a while ago.

So this flaw has existed for many years. And during those years, many thousands of people all over the world have spent many thousands of hours trying to find flaws in Windows that they can exploit, like this one. Despite all that time and effort, it has taken until now for someone to find this particular flaw.

I know the ABMers will try to paint this as being something that was "easy" to find, and that Windows is full of all kinds of flaws that any idiot can easily find and exploit. But if this was so easy to find, why wasn't it found years ago? It's been there since W2K, right? So why didn't someone find it before now?

Could it be that some of these flaws are really kind of difficult to find? Could it be that, in many cases, it really does take a great deal of time and effort to find a flaw like this and figure out how to exploit it? And if that is the case, I have to wonder what would happen if the same number of people spent the same amount of time trying to find flaws like this in other OSes besides Windows. Again, the ABMers seem to be quite certain that only Microsoft OSes have flaws like this, while non-Microsoft OSes are invulnerable and nearly flawless. But here we see a case where a flaw has existed for years, and no one was able to find it until now. Isn't it possible that other OSes have similar flaws that may take many man-years of investigation to discover?

Rick
0 Votes
Good points...
Wolfie2K3 21st Jul 2010
@rick@...
Didn't we hear about another vulnerability that was only recently found - in the 16 bit subsystem? That one existed since Windows 3.x - or about 17 years.

And for what it's worth - you're right on the money. Add to the fact that it takes many hours (usually) to find vulnerabilities, a couple of things - market share (why try infecting a group of computers that make up less than 10% of all computers) and their reputation for being "impossible" to infect.

Then again, Charlie Miller, perennial winner of the Pwn2Own contest seems to think you can't swing the proverbial dead cat without running into a bug in OSX. I believe his last interview, after Apple released their big 88 patch back in April, he said he had a library of over 125 vulnerabilities - and that big patch only took out something like 25 or so out of his collection.
0 Votes
How long has this vulnerability been in effect?
jasondlnd Updated - 21st Jul 2010
This has been around since Windows 2000?!? 10 years is too long to have a vulnerability go un-noticed.

All of the Windows machines that I service and use have the latest Anti-virus updates and OS patches. That being said, they're still NOT protected from this vulnerability!

This is an outrage for me as a paying customer. To have a widespread vulnerability present for 10(+) years (with no patch date in sight) is insanity.
0 Votes
Well...
Qbt Updated - 21st Jul 2010
@jasondlnd

10+ years is an issue if you can, with a straight face, claim that no other OS has undiscovered vulnerabilities that have been around for similar periods of time.

The important part is, once a vulnerability has been discovered (either by hackers [and subsequent malware that highlights the vulnerability] or by someone responsible), after that point it becomes known pretty quickly, and will be patched.
0 Votes
For anyone using a reputable AV scanner and having an updated Windows system, there's nothing to worry about pre-during-post the dispersal of the malware. Too many people IMO are not bothering to read and be cognizant of all of the available information provided so far, which is rather comprehensive. If you're up to date and running your programs properly you'll have no problems and haven't had any problems due to this malicious software stored in flash. I have to admit it'd be nice to see a few Chinese heads roll and one or two at Dell for missing this easily detected malware, but ... that won't happen, I know.
While I applaud Dell for their currently pro-active stance and taking responsibility, I hope this is the straw that kicks them into a more sensible gear for what happens and doesn't happen off-shore. Code and data shouldn't be installed and left installed by anyone except the seller of the product. THAT would heighten my appreciation for that company. I know, $$: I'll pay it.
0 Votes
I stopped worrying about Windows vulnerabilities 10 years ago. This is just another one I'm not at all worried by.
0 Votes
You write: "This vulnerability is present in 32-bit and 64-bit flavors of Windows XP, Server 2003, Vista, Server 2008, Windows 7 (including beta Service Pack 1) and Server 2008 R2 (including beta Service Pack 1). As you'd expect, Mac and Linux are unaffected."
Apparently a similar shortcut parsing technique has been carried through since XP.
My question: how come these flaws are detected so late in the day?
0 Votes
Stop singing the Bobby McFerrin tune, Adrian!
daboochmeister 22nd Jul 2010
Time to START worrying and definitely NOT be happy:

http://www.computerworld.com/s/article/9179512/Microsoft_warns_of_Windows_shortcut_drive_by_attacks

Attack only requires that a user view a website that's hosting one of the compromised .lnk files in IE on an unpatched PC.

Given that we KNOW that a significant percentage of users don't get antivirus updates and patches in a timely fashion, this could turn into a very big deal indeed. No wonder MS is treating it as a priority.
0 Votes