Sophos provides free tool against .LNK

By : |July 26, 2010 0

BANGALORE, INDIA: IT security and control firm Sophos today released a free tool to protect against a Windows zero-day vulnerability that is being actively exploited to infect computers.

The Sophos Windows Shortcut Exploit Protection Tool protects against a high profile vulnerability that allows malicious hackers to exploit a bug in the way that all versions of Windows handles .LNK shortcut files. If Windows just displays the icon of an exploited shortcut file, malicious code can be executed – without requiring any interaction by the user.

According to a company press release, the product is a free tool, available for download from the compay web site. Intercepts shortcut files that contain the exploit, warning of the executable code that was attempting to run. That means it will stop malicious threats which use the vulnerability if they are on non-local disks, such as a USB stick.

Also read: Symantec updates against W32.Stuxnet threat

"So far we have seen the Stuxnet and Dulkis worms, as well as the Chymin Trojan horse, exploiting the shortcut vulnerability to help them spread and infect computer systems.  Stuxnet made the headlines because it targeted the Siemens SCADA systems that look after critical infrastructure like power plants – but there’s a warning for all computer users here," said Graham Cluley, Senior Technology Consultant at Sophos.  "Details of how to exploit the security hole are now published on the web, meaning it is child’s play for other hackers to take advantage and create attacks."

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.