Ars Technica has an interesting piece today on a flaw that allows silent installation of software on any Windows machine through specially crafted shortcut (.LNK) files. The exploit is triggered when an application (such as the Windows shell) attempts to display the shortcut's icon.
Affected Windows versions include XP, Server 2003 and 2008, Vista and 7, so pretty much every OS MS has made in the last decade.
As the Ars article states, this exploit is already being used in the wild, with USB keys as the carrier of the infection. The USB key holds a rootkit and malicious payload with a kernel-level driver digitally signed by Realtek (!!!), which prevents the malware files and the offending icon from being shown to the user.