I’ve long thought that someday Windows security problems could end up fouling up the Internet for everyone. That day may be arriving.
That’s not just me being paranoid about Windows. That’s the ISC (Internet Storm Center), the group that tracks the overall health of the Internet, wondering whether the newly discovered ‘LNK” exploit might be used to slam the brakes on the Internet’s high-speed traffic.
According to Lenny Zeltser, an ISC security consultant, the ISC has “decided to raise the Infocon level to Yellow to increase awareness of the recent LNK vulnerabilityand to help preempt a major issue resulting from its exploitation. Although we have not observed the vulnerability exploited beyond the original targeted attacks, we believe wide-scale exploitation is only a matter of time. The proof-of-concept exploit is publicly available, and the issue is not easy to fix until Microsoft issues a patch. Furthermore, anti-virus tools’ ability to detect generic versions of the exploit have not been very effective so far.”
The LNK vulnerability is an obnoxious little security hole that’s present in all versions of Windows from Windows 2000 on up. There are now numerous attack programs that can use a malicious shortcut file, identified by the “.lnk” extension, to automatically run malware. All a user has to do is view the contents of a folder containing the infected shortcut, and, ta-da, the program is wreaking havoc.