Monday, July 19, 2010

CyberSecurity Threat Indicator Raised as Critical Windows Zero-Day Vulnerability Discovered

Computerworld and other sources are reporting a newly-discovered critical bug in all versions of Windows. The bug is so critical that the Internet Storm Center (ISC) has pushed its Infocon threat indicator to "Yellow," a rare move, while Symantec also bumped up the status of its ThreatCon barometer to "Elevated." Users are being warned to expect widespread attacks.

"The proof-of-concept exploit is publicly available, and the issue is not easy to fix until Microsoft issues a patch," said Lenny Zeltser, an ISC security analyst.

Last Friday, Microsoft confirmed that attackers can use a malicious shortcut file, identified by the ".lnk" extension, to automatically execute their malware by getting users to view the contents of a folder containing such a shortcut. Malware can also automatically execute on many systems when a USB drive is plugged into the PC.

All versions of Windows, including the just-released beta of Windows 7 Service Pack 1 (SP1), as well as the recently retired Windows XP SP2 and Windows 2000, contain the bug.

In a related post, we reported that Sieman is warning customers about attacks on its industrial control software that exploit this bug.