Microsoft has not yet patched the .lnk vulnerability I wrote about last week. In the meantime, though, AV vendor Sophos has released a free tool that they claim will fix the problem.
This has been a serious issue. A number of malware writers have already released exploits targeting this flaw. Everyone should exercise even more caution than usual and avoid opening documents or clicking on links in email messages. Simply opening an infected MS Office document can lead to infection. Once computer is infected, it will infect any USB drives that are mounted and hide the infected files, using rootkit technology. This is a HUGE risk for businesses that allow users to transfer files back and forth between office and home computers.
Another word of caution involves a new rogue anti-virus – this time masquerading as a Firefox / Flash update. Check it out here. We are (and should be) always encouraging Clients to keep their brower plugins up to date – especially Flash, so you can see why this ruse would be effective.
Anyone who is tricked into purchasing one of the fake anti-virus programs can usually have the credit card charges reversed. Surprisingly, most do not. As long as people don’t bother to fight back, the fake anti-virus game will continue to generate profits, and as long as it is profitable, the bad guys will continue to find new and better ways to trick users into installing the rogues.
Dennis H in West Virginia, US
July 29, 2010
