UPDATE: On August 2nd, Microsoft released an emergency update that addresses this bug and provides a fix.  If you haven’t automatically updated your Microsoft OS, please do so now by visiting http://windowsupdate.microsoft.com.

-

Last week, Microsoft confirmed that there is a nasty new exploit out there that often uses infected USB flash drives to take advantage of a vulnerability in Windows shortcut files (.lnk extension files). This attack can allows the bad guys to hijack your computer.

The only way to protect against it is to edit the registry to disable display of shortcuts and turn off the WebClient service. A patch is not yet available, and when it is, there won’t be one for XP SP2 since extended support for it ended this month.  All the more reason to upgrade to SP3 ASAP.

The reason that this rootkit exploit is so nasty is that the infection occurs automatically when plugging up a compromised USB key.  Sophos has a great video demonstrating the infection on a secure Windows 7 PC here…

Windows Shortcut Vulnerability with Rootkit