Critical flaw found in Windows Shell

Posted on Monday, July 19 2010 @ 18:30 CEST by Thomas De Maesschalck
Microsoft announced the discovery of a 0-day vulnerability in Windows Shell that bypasses all Windows 7 security mechanisms and doesn't require administrative rights to run. The vulnerability is caused by improper handling of shortcuts, and security researchers from Sophos warn the exploit can be used to infect Windows 7 systems with a rootkit. It's still unclear when Microsoft will plug this hole, in the meantime the software giants recommends to disabling icons for shortcuts and switching off the WebClient service to prevent attacks.
The vulnerability is caused due to an error in Windows Shell when parsing shortcuts (.lnk). The flaw can be exploited automatically by executing a program via a specially crafted shortcut. Certain parameters of the .lnk are not properly validated on load, resulting in the vulnerability. Microsoft says it has "seen only limited, targeted attacks on this vulnerability."

For the exploit to be successful it requires that users insert removable media (when AutoPlay is enabled) or browse to the removable media (when AutoPlay is disabled). According to Microsoft's advisory, exploitation may also be possible via network shares and WebDAV shares. Microsoft states that the exploit affects all Windows versions since Windows XP, including Windows 7. However, Security Researcher Chester Wisniewski of Sophos, reports that Windows 2000 and Windows XP SP2 (both unsupported by Microsoft) are affected by the flaw.


Source: NeoWin

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.


Loading Comments

Share this story!

Latest news

Latest reviews