Windows Shortcut Icon Loading Vulnerability is fixed by Microsoft

Microsoft has at last fixed the root cause of one of the fast-spreading malicious attacks on computer systems with its latest Windows patch. Win32/Sality.AT is one of the major malicious infections that make use of this vulnerability.

What is this Windows Shortcut Icon Loading vulnerability?
Malicious programs of this kind exploit bugs in the .LNK file (a file that links a shortcut to the original file's location) and in the way Windows handles this file to manage shortcuts in the user interface. According to Microsoft, this security hole is present in Windows XP, Windows Vista, Windows 7 and Windows 2008. Some security specialists report this vulnerability as the Shortcut Icon Loading Vulnerability.

How Shortcut Icon Loading Vulnerability is a threat
By exploiting this vulnerability, an attacker can take control of your system with the same privileges as the current user. Put simply, if you are logged in to your administrator account, the attacker gains the same power.

How Windows Shortcut Vulnerability works
By exploiting the Windows Shortcut Icon Loading vulnerability, a hacker can create a shortcut file that executes on your computer system. The malicious shortcut can arrive on a USB memory device, over a remote network share, or by being planted on a malicious website.
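
For defenders who want to see which shortcut files a USB drive or network share actually carries, here is an added triage example (not from the original post or from Microsoft). It validates the fixed 76-byte header that every .LNK file starts with, following Microsoft's published Shell Link binary format, and inventories the shortcuts under a folder; the function names and the sample bytes are assumptions made for illustration.

```python
import struct
from pathlib import Path

HEADER_SIZE = 0x4C  # every shell link starts with a fixed 76-byte header
LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # on-disk byte order
FLAG_NAMES = {
    0x01: "HasLinkTargetIDList", 0x02: "HasLinkInfo", 0x04: "HasName",
    0x08: "HasRelativePath", 0x10: "HasWorkingDir", 0x20: "HasArguments",
    0x40: "HasIconLocation", 0x80: "IsUnicode",
}

def parse_lnk(data: bytes) -> dict:
    """Validate the header and return the fields that matter for triage."""
    if len(data) < HEADER_SIZE:
        raise ValueError("truncated header")
    size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if size != HEADER_SIZE or clsid != LINK_CLSID:
        raise ValueError("not a shell link")
    (icon_index,) = struct.unpack_from("<i", data, 56)
    info = {"flags": [name for bit, name in FLAG_NAMES.items() if flags & bit],
            "icon_index": icon_index, "idlist_size": 0}
    if flags & 0x01:  # a target ID list follows, prefixed by its 2-byte size
        if len(data) < HEADER_SIZE + 2:
            raise ValueError("missing IDList size")
        (idlist_size,) = struct.unpack_from("<H", data, HEADER_SIZE)
        if HEADER_SIZE + 2 + idlist_size > len(data):
            raise ValueError("IDList runs past end of file")
        info["idlist_size"] = idlist_size
    return info

def scan(root) -> list:
    """Inventory every .lnk under root; malformed files are reported, not skipped."""
    results = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() == ".lnk":
            try:
                results.append((path.name, parse_lnk(path.read_bytes())))
            except ValueError as err:
                results.append((path.name, {"error": str(err)}))
    return results

def sample_lnk(flags: int, idlist: bytes = b"") -> bytes:
    """Constructed sample: a minimal header plus optional ID list bytes."""
    header = struct.pack("<I16sI", HEADER_SIZE, LINK_CLSID, flags).ljust(HEADER_SIZE, b"\0")
    return header + (struct.pack("<H", len(idlist)) + idlist if flags & 0x01 else b"")
```

Pointing `scan()` at the mount point of a removable drive gives a list of shortcut names with their header flags, or an error entry for any file that has a .lnk extension but a broken structure.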
Win32/Sality.AT is a prevalent family of malicious programs with the following features.
From the Microsoft site:
"Virus:Win32/Sality.AT is a detection for a virus that spreads by infecting Windows executable files and by copying itself to removable and remote drives. It also terminates various security products, prevents certain Windows utilities from executing and attempts to download additional files from a predefined remote Web server."

For more information, please check the Microsoft document about Win32/Sality.AT:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Virus:Win32/Sality.AT
That article contains a lot of useful information about this virus family.
