Unpatched shortcut vuln exploited by mainstream malware

Virus writers have begun using the unpatched shortcut flaw in Windows first exploited by the Stuxnet worm, which targets power plant control systems, to create malware that infects the general population of vulnerable Windows machines. Slovakian security firm Eset reports the appearance of two malware strains that exploit …

COMMENTS

This topic is closed for new posts.
  1. J 3
    Alert

    Warning!

    "My OS is better than yours" flame war in 3... 2... 1...

    1. Anonymous Coward
      Grenade

      ok

      tell me why this makes windows so good

      1. J 3
        Linux

        @ok AC

        You heard of what happens when you assume, haven't you? :-)

        (haven't touched MS code for more than a few minutes in 10 years)

        Anyway, it's incredibly quiet here, so my prediction failed. What can I do, I'm no octopus. Must be the weekend.

    2. Anonymous Coward

      OK - if you insist

      My OS is better than yours

      1. Aussie Brusader
        Gates Horns

        It's not your OS...

        You're just allowed to use it.

        1. Anonymous Coward
          Linux

          Re : It's not your OS

          It's certainly NOT Windows

  2. copsewood
    Boffin

    Separation of data and code

    There shouldn't be a risk on any widely used operating system or platform that when an application or user attempts to read data, that code which arrives with the data gets executed outside of a very tightly sandboxed environment. In a more ideal world market forces would prevent operating systems or platforms (e.g. Windows or Flash) which blur this boundary from existing. In a monopoly ridden (i.e. closed source) world, users of such platforms (e.g. Windows, or Flash on Linux) have to put up with or mitigate the growing number of exploits which arise as symptoms of this architectural disease. Having to run security updates every week is patching the symptoms, and not curing this disease.

  3. lucmars

    Just a shortcut icon

    That's incredible, isn't it?

    1. Chemist

      Re : Just a shortcut icon

      Previously posted :

      http://www.kb.cert.org/vuls/id/940193

      "Microsoft Windows fails to safely obtain icons for shortcut files. When Windows displays Control Panel items, it will initialize each object for the purpose of providing *dynamic icon functionality*. This means that a Control Panel applet will execute code when the icon is displayed in Windows. Through use of a shortcut file, an attacker can specify a malicious DLL that is to be *processed within the context of the Windows Control Panel*, which will result in arbitrary code execution."

      1. Nigel 11
        Joke

        And reading between those lines...

        ... this is a feature which was insisted on by a marketing person, so that he could have icons which flashed purple and pink and jumped up and down while making Whee! noises.

        An engineer pointed out that this was really bad system design with unlimited potential for security breaches.

        The marketing drone pointed out that this was really cool artistic design with unlimited potential for supporting the Wubbly(TM) marketing campaign, and future highly profitable developments.

        The engineer was over-ruled.

        Wubbly(TM) was canned a few months later when someone higher up pointed out that it might cannibalise the sales of Microsoft Office. Which is why we have never heard of it and have been spared a proliferation of purple-and-pink-flashing active icons.

        Unfortunately, not a proliferation of malware, because the engineer was right. (Engineers are *always* right, but no-one ever listens until after the design is changed without their approval, and the inevitable consequences follow).

        All this is complete fiction based on no facts whatsoever. Have you got a better explanation?

        1. Chemist

          Re : And reading between those lines

          I think so - which is why I put the asterisks in!

  4. Ned Ludd
    Go

    Mac and Linux users...

    ...you can put your smug hats back on now!

    1. Anonymous Coward
      Alert

      RE: Mac and Linux users...

      We never get the chance to take our "smug hats" off.

      El Reg gives us news of a different MS vulnerability once or twice per week!

  5. multipharious

    Not going to fix THAT

    Check out the "Fix It." I would rather risk infection than have all my icons blocked.

    Oh well, I have been spending all my days lately in native Ubuntu terminal ssh sessions or PuTTY anyway. GUI? What's that?

    1. Tom 13

      That was my initial reaction as well

      But with the latest news and the potential for a blended threat...

      I may be willing to risk it at home where I can control most of what I access, but work places may need to reconsider.

  6. Ross 7

    Source

    Seems like it may be Russian in source. They are big on using energy as a blackmail tool. Presume they let it loose amongst their neighbours so they could cause energy shortages and it spread.

    1. ElReg!comments!Pierre

      Source

      Clearly the source is BP, in an attempt to deflect a bit of the heat towards other energy sector. "Hey we had a leak alright, but everyone else does, too. Lookitdat. Oil leak, information leak, same-diff".
