A recently discovered vulnerability in the processing of lnk files in the Windows operating system may be used by attackers to executed malicious code on the target system. Windows users can take a look at our previous coverage of the security issue for additional details.
The nature of the vulnerability makes it possible to exploit it without user interaction, displaying the link icon is enough to execute the code.
Microsoft has provided workarounds and a fix-it solution in a security advisory, unfortunately though with side effects that remove the icons from programs in the Windows taskbar or start menu (which from then on show up as blank icons).
Several security companies have created their own workarounds and protections, and one of those resulting programs is the G Data LNK-Checker.
lnk checker
The security software, upon installation and a necessary restart, detects potentially dangerous LNK files and blocks the automatic execution of the malicious file. The application further changes the icons of suspicious links so that they are easier to identify.
Files that are found not to be suspicious are displayed the default way, which makes this a preferred solution over Microsoft’s Fix-It solution and manual workarounds, which as mentioned above change all icons to blank ones.
It is important to note that suspicious files should not be executed on the computer system (by double-clicking for instance), since this could trigger the malicious code they contain.
G Data LNK-Checker is available for download at the G Data website. The program description is only available in German, the installation however is available in English as well.
Update: English version of G Data LNK-Checker available here.
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook or Twitter.Related Articles:
Word Document Hyperlink CheckerNew Security Vulnerability Affects Windows Operating Systems
Expect Out Of Band Windows Security Release On August 2
SSD Security: Erase Solid State Drives Data
Microsoft Offers Workaround For Remote DLL Vulnerability
The English version is available at this page: http://www.gdatasoftware.co.uk/support/downloads/tools.html
Karbi thanks for the information, I have added the link to the article.
Sophos has also issued aprogram to detect and stop the .LNK trojan
Free Sophos tool blocks Windows shortcut attacks : http://www.computerworld.com/s/article/9179698/Free_Sophos_tool_blocks_Windows_shortcut_attacks?source=rss_news
Ilev thanks for the information, appreciated.
Just to add, Heise Online states that the Sophos tool “does not respond to files stored on local hard disks. Therefore, users can still infect their systems, for instance, by unpacking a ZIP archive”. http://www.h-online.com/security/news/item/Anti-virus-vendors-offer-free-LNK-protection-Update-1046183.html