Sophos engineers have been busy developing and testing a free tool that protects users from malware exploiting the critical zero-day vulnerability known as the "Shortcut exploit".
We have begun to see more hackers taking advantage of the exploit, spreading malware which takes advantage of Microsoft’s unpatched vulnerability.
Sophos has been doing a good job of protecting its customers against this problem (we detect exploited files as Exp/Cplink). But what if you’re not a Sophos user and are worried about the attacks?
Here are the details in a nutshell:
1. It intercepts LNK shortcut files that contain the exploit, telling you which executable code it was attempting to run. That means it will stop malicious threats which use this vulnerability if they are on non-local disks, such as a USB stick for instance.
2. You can run the tool alongside your existing anti-virus product. No need to throw the baby out with the bathwater. The tool supports Windows XP, Vista and Windows 7. It doesn’t support Windows 2000.
3. Unlike Microsoft’s workaround, it doesn’t blank out all the shortcuts on your Windows Start Menu – meaning your life (and that of your users) will be easier.
4. It’s free to download.
Graham Cluley’s Blog at Sophos