Microsoft To Issue Emergency Fix For Windows .LNK Flaw
112
Trailrunner7 writes "Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware. The advance notification from Microsoft on Friday said that the company is patching a critical vulnerability that is being actively exploited in the wild and affects all supported Windows platforms. The LNK flaw in the Windows shell was first identified earlier this month when researchers discovered the Stuxnet worm spreading from infected USB drives to PCs. Stuxnet has turned out to be a rather interesting piece of malware as it not only uses the LNK zero day vulnerability to spread, but it had components that were signed using a legitimate digital certificate belonging to Realtek, a Taiwanese hardware manufacturer."
Friday sysadmin appreciation day, (Score:5, Funny)
http://blogs.technet.com/b/msrc/archive/2010/07/29/out-of-band-release-to-address-microsoft-security-advisory-2286198.aspx [technet.com]
what is this .lnk flaw anyway? (Score:5, Funny)
I still haven't understood what this .lnk flaw actually is, or what fun things it might be used for (and how).
The previous discussion about this talked about SCADA systems, so I read the wikipedia article about SCADA but still don't quite get what it really is. And the vulnerability seemed to only be exploited on one particularly stupid system which used a hard-coded password.
And it seemed to also require the use of Autorun/Autoplay which should obviously be disabled anyway. I have 2 files to take care of that on all my USB drives:
Autorun.inf:
[AutoRun]
open=autorun.cmd
shell\open\Command=autorun.cmd
shell\explore\Command=autorun.cmd
And autorun.cmd:
@ECHO OFF
ECHO ALERT: You have autorun enabled on this drive (%~d0)!
ECHO.
ECHO Trying to disable it:
@ECHO ON
REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun" /ve /t REG_DWORD /d 255 /f /ve /d "@SYS:Autorun-Disabled" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf"
@ECHO OFF
ECHO.
ECHO You may need to reboot.
ECHO.
@pause
Re:Too bad, it's a great conversion tool. (Score:3, Funny)
...SYSLINUX....COM32...NTLDR... Windows Boot Manager...
The what now? ...the age of the 1-click iPad has begun. There is a reason for its success...
My Lawn! You BASTARD!
The 1 click wonder? (Score:3, Funny)
An ipad? ROTFL. Let's see you develop SOFTWARE for that ipad... on your ipad.
Apple users need to learn to speak without steve's hand up their anus...