G Data LNK-Checker Protects Against LNK Security Vulnerability - gHacks Tech News

G Data LNK-Checker Protects Against LNK Security Vulnerability

A recently discovered vulnerability in the processing of lnk files in the Windows operating system may be used by attackers to execute malicious code on systems that are attacked by it. Windows users can take a look at our previous coverage of the security issue for additional details.

The nature of the vulnerability makes it possible to exploit it without user interaction, displaying the link icon is enough to execute the code.

Microsoft has provided workarounds and a fix-it solution in a security advisory, unfortunately though with side effects that remove icons from programs in the Windows taskbar or start menu (which from then on show up as blank icons).

Several security companies have created their own workarounds and protections, and one of those resulting programs is the G Data LNK-Checker.

lnk checker
lnk checker

The security software, upon installation and a necessary restart, detects potentially dangerous LNK files and blocks the automatic execution of these vulnerable file types. The application further changes the icons of suspicious links so that they are easier to identify.

Files that are found not to be suspicious are displayed the default way which makes this a preferred solution over Microsoft's Fix-It solution and manual workarounds, which as mentioned above change all icons to blank ones.

It is important to note that suspicious files should not be executed on the computer system (by double-clicking for instance), since this can trigger the malicious code they contain.

G Data LNK-Checker is available for download at the G Data website. The program description is only available in German, the installation however is available in English as well.

Update: English version of G Data LNK-Checker available here.

Update 2: The Link Checker application is still available but not really necessary anymore as Microsoft has released a patch in the meantime that closes the vulnerability on all versions of Windows.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Karbi said on July 27, 2010 at 7:16 pm
      Reply

      The English version is available at this page: http://www.gdatasoftware.co.uk/support/downloads/tools.html

      1. Martin said on July 27, 2010 at 7:22 pm
        Reply

        Karbi thanks for the information, I have added the link to the article.

    2. ilev said on July 28, 2010 at 9:11 am
      Reply

      Sophos has also issued aprogram to detect and stop the .LNK trojan

      Free Sophos tool blocks Windows shortcut attacks : http://www.computerworld.com/s/article/9179698/Free_Sophos_tool_blocks_Windows_shortcut_attacks?source=rss_news

      1. Martin said on July 28, 2010 at 10:24 am
        Reply

        Ilev thanks for the information, appreciated.

      2. Martin said on July 28, 2010 at 3:25 pm
        Reply

        Just to add, Heise Online states that the Sophos tool “does not respond to files stored on local hard disks. Therefore, users can still infect their systems, for instance, by unpacking a ZIP archive”. http://www.h-online.com/security/news/item/Anti-virus-vendors-offer-free-LNK-protection-Update-1046183.html

    Leave a Reply