VirusBlokAda, a computer security firm based out of Belarus, had found a Trojan that utilized a new method of infecting a computer. This method would infect even a fully patched Windows 7 machine. It turns out that the method this Trojan infects the computer is a vulnerability that affects all Windows version since, and including, Windows XP. This vulnerability utilizes a specially crafted shortcut that when stored on an external drive, and that drive is opened, will automatically launch a malware program that can then infect your computer.Microsoft has subsquently issued an advisory that discussed the effects of this vulnerability and how to mitigate it. As the steps to mitigate this vulnerability revolved around editing the Windows Registry a Microsoft FixIt was released to automatically do it for you. The problem with the FixIt is that it will remove all the images from your shortcuts, which can reduce the usability of Windows.
Since then, Sophos has released their own tool to fix the Windows Shortcut vulnerability, without the loss of your shortcuts images. This tool, called the Windows Shortcut Exploit Protection Tool, will allow you to view your shortcut's icons, while still protecting you, by installing its own shell handler that is not vulnerable to this infection. It will also issue an alert when a malicious shortcut is encountered that is trying to exploit this vulnerability.
For those who want to protect themselves without losing functionality in the Windows GUI, then the Sophos tool looks like the way to go.
Link: 
Back to top
