On Monday
Microsoft has announced that it will make public an out-of-band patch to fix the high-profile .lnk file vulnerability (CVE-2010-2568).
Holly Stewart, MMPC, wrote today: “As mentioned earlier this month, the Microsoft Malware Protection Center (MMPC), along with other Microsoft Active Protection Program partners, have been keeping a close watch on the use of .LNK files exploiting this vulnerability. As with many new attack techniques, copycat attackers can act quickly to integrate new techniques. Although there have been multiple families that have picked up this vector, one in particular caught our attention this week– a family named Sality, and specifically Sality.AT.”
Technet blog piece here.
Microsoft’s July 16 advisory here.
Tom Kelchner