Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

New Windows OS malware found out

Posted: 22 Jul 2010 ?? ?Print Version ?Bookmark and Share

Keywords:malware? Windows? OS? removable drives?

A vulnerability in Windows Shell, a component of the Microsoft Windows OS, could be used by malware for remote code execution. Microsoft has issued an advisory that the company is investigating the matter.

The advisory notes that vulnerability occurs because "Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed." They warn that the vulnerability is most likely to be exploited through removable drives. They reassure that customers who have systems that have the AutoPlay function disabled need to manually browse to the affected folder of the removable disk in order for the vulnerability to be exploited. Further, Windows 7 systems have AutoPlay functionality for removable disks automatically disabled. Meanwhile, Microsoft is working on a security update for Windows to address this vulnerability.

Microsoft says that Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 are affected.

Stuxnet malware

Belorussian antivirus company VirusBlokAda reported that malicious software called the Stuxnet malware has been circulating since June to take advantage of this vulnerability. The malware uses .lnk files placed on USB drives to execute malicious code when the Windows OS reads the .lnk file.

Microsoft's Malware Protection Center blog explains that "In other words, simply browsing to the removable media drive using an application that displays shortcut icons (like Windows Explorer) runs the malware without any additional user interaction."

To mitigate the risk of compromise, Microsoft recommend the workaround of disabling the display of icons for shortcuts and the WebClient service.

Reports note that the malware also targets Siemens SCADA WinCC, an industrial process control system, and its visualization components.

Article Comments - New Windows OS malware found out
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top