Microsoft confirmed the existence of a critical vulnerability in all supported versions of Windows. The new zero-day vulnerability is easily exploitable via USB storage devices, network shares or remote WebDAV shares. All that is required for exploitation is for the contents of the USB device to be viewed in Windows Explorer. Specially crafted shortcut (.lnk) files are allowed to execute code when the shortcut’s icon is loaded to the GUI. An exploit targeting this vulnerability is currently in limited use and additional exploits are very likely in the coming weeks.
Shortcut Worm Vulnerability Affects All Windows Versions
Submitted by HAL2001 2010-07-20 Privacy, Security 2 Comments
It’s somewhat surprising that an icon for a shortcut-link could be exploited in this fashion. Given that this impacts all versions of Windows, it is to wonder whether this relies on a never-documented feature of Windows Explorer and the links.
Anyways, it will not take many more such exploits to go un-patched by Microsoft for IT Departments to physically remove all USB ports from the corperate systems.