G Data releases tool to block Windows shortcut attacks
By Jeremy Kirk on Jul 28, 2010The German security company G Data released a tool on Tuesday that blocks attacks using Microsoft's shortcut vulnerability but also preserves shortcut icons unlike the hotfix released recently by Microsoft.
The tool, called the G Data LNK Checker, is a small piece of software that is independent of other security software. It monitors the creation of shortcuts and then will block the execution of code when a shortcut icon is displayed, according to G Data. The tool is free and can be downloaded from G Data.
Microsoft hasn't indicated when it will patch the shortcut flaw, which can cause malware to be executed merely by looking inside a folder containing a malicious shortcut. The company released a hotfix last week, but shortcuts lose their icons.
"This is very impractical and not a very satisfactory workaround to the problem," G Data said.
G Data said its software will display a red warning signal if a shortcut tries to execute something that appears to be malicious. When Microsoft patches the flaw, G Data said its tool -- compatible with XP, Vista and Windows 7 -- can then be uninstalled.
G Data isn't the only company to publish its own fix. On Monday, Sophos released the Windows Shortcut Exploit Protection Tool , which replaces tool replaces Windows' icon handler.
Per its own policy, Microsoft does not endorse third-party tools and instead recommends its own fix.
The Windows shortcut vulnerability was being used by the Stuxnet, a piece of malware that spreads by USB sticks and targets WinCC supervisory control and data acquisition (SCADA) systems produced by Siemens. Other kinds of attacks have also been detected since the flaw became widely known. Microsoft's next regular patch release is on Tuesday, Aug. 10.
Tagged as:
