"The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the user clicks the displayed icon of a specially crafted shortcut. This vulnerability is most likely to be exploited through removable drives."If AutoPlay is disabled, particularly for USB devices, in order for the vulnerability to be exploited, it would be necessary to manually browse to the root folder of the removable disk. AutoPlay for removable disks is automatically disabled on Windows 7. In the event you have enabled AutoPlay, it is strongly advised that it be disabled.
To disable AutoPlay the prerequisites in Microsoft KB Article 967715 must first be installed. If your computer is up-to-date, they are already installed. The KB Article also includes instructions on "How to disable the Autorun functionality in Windows".
Note that it is additionally reported on the MSRC Blog that, "In the wild, this vulnerability has been found operating in conjunction with the Stuxnet malware". For more information on Stuxnet, see the MMPC blog post. Of further interest, as the MSRC Blog reports
"signatures in up-to-date versions of Microsoft Security Essentials, Microsoft Forefront Client Security, Windows Live OneCare, the Forefront Threat Management Gateway, and the Windows Live Safety Platform protect customers against the Stuxnet malware."
References:
- MMPC: The Stuxnet Sting
- MSRC: Security Advisory 2286198 Released
- TechNet: Security Advisory 2286198
- How to disable the Autorun functionality in Windows
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.