New Windows zero-day vulnerability allows USB malware to run, says Sophos

20 July 2010

A new USB-based zero-day attack is hitting Microsoft Windows users, according to security firm Sophos.

The attack exploits a previously unknown vulnerability in the way the operating system processes shortcut files, making even fully patched PCs vulnerable.

Unlike previous USB-based malware such as the Conficker worm, the latest exploit does not take advantage of the Windows Autorun or Autoplay feature.

This means the W32/Stuxnet-B rootkit malware can spread even if Windows Autoplay and Autorun are disabled.

The shortcut files are allowed to execute automatically, and once the rootkit is in place it effectively enters "stealth mode", cloaking its presence on the infected PC.

"The risk is that more malware will take advantage of the zero-day exploit used by the Stuxnet rootkit, taking things to a whole new level", said Graham Cluley, senior technology consultant at Sophos.

"The exploit is still being analysed by the security community, but there are suggestions that the malware could be trying to access data specific to Siemens SCADA systems that control national critical infrastructure."

Cluley said the security community had not yet established the extent of the risk to SCADA systems, so attacks would be monitored very closely.

"Eyes will also be turned to Microsoft to see how it will respond to what appears to be another unpatched vulnerability in its code that is being exploited by hackers", he added.

This story was first published by Computer Weekly
 

 
