G Data fights Windows security flaw |
New hotfix is available, as free of charge download |
|
|
  |
| Contact Information |
Danielle van Leeuwen
-
Phone: +31 (0)20 84 55 163
Email: danielle.van.leeuwen@gdata.nl
|
|
Market Press Release – July 27, 2010 12:53 pm – Bochum (Germany), July 27, 2010 – The serious security flaw regarding shortcuts in Microsoft Windows products is currently exploited by various pieces of malicious software and everything points to an emergence of new and more malware variants with this exploit. As the media reported, the first approaches to address the vulnerability were not really successful. The G Data specialists have now developed a hotfix, the “G Data LNK Checker”, which blocks the automatic execution of the referenced malicious file and displays regular icons as usual. The user is protected against dangerous .lnk files. The program is available as free of charge download on G Data’s website.
The “G Data LNK Checker” is available through the following link:
http://www.gdatasoftware.co.uk/support/downloads/tools.html
“This recent security flaw gives cyber-criminals a wide range of new possibilities to infect a PC. They only need to make sure that a .lnk file is displayed on the computer. The file, which the link refers to, does not necessarily need to be on the computer – it can even be on the Internet”, explains Ralf Benzmueller, head of the G Data SecurityLabs. “Not only users of memory sticks are affected. In a company’s IT network, for example, it is enough to save a primed and infected file on the network drive. Even basic software, like word processing programs and e-mail clients, provide the possibility to display shortcuts. The potential for abuse is enormous. We expect that this vulnerability will be massively exploited shortly.”
The “G Data LNK Checker” in detail
The G Data specialists developed the “G Data LNK Checker” hotfix after a detailed analysis of the security flaw. The “G Data LNK Checker” functions independently from an installed security suite and supplements it with a generic protection against automatic execution of linked malware. After the installation, the “G Data LNK Checker” monitors the creation of shortcut icons and prevents the automatic execution of code on the display of icons. The malicious mechanism is used for specific cases only, e.g. icons for system control elements.
Desktop symbols with popular and safe mechanisms are displayed as usual. But if the malicious mechanism is detected, a red warning signal icon is displayed.
Attention: There are legitimate application possibilities for this recently exploited mechanism. A double-click on a file that is marked as dangerous still lies in the user’s responsibility. At this point, a good security suite is needed.
Once Microsoft has patched the security flaw and the user has downloaded and installed the respective Windows update, the program “G Data LNK Checker” can be uninstalled like every other software. The hotfix is designed for all Windows operating systems since Windows XP, both 32-bit versions and 64-bit versions. Users with Windows XP service pack 2 are protected as well, even though the official Microsoft support ended recently.
Background Information
Every PC running a Windows operating system has shortcuts on its desktop. This offers a one-click access to the most important programs and files. This useful function is misused by malware again and again. Just as in this recent case, in which Microsoft acknowledged a 0-day-exploit regarding all recent Windows versions. In this case, the mechanism to display icons is exploited in a specific way to execute malware and eventually gain control over the entire PC. To make this happen, the user only needs to display the primed shortcut, e.g. in the Internet Explorer, on the desktop or within an application.
Microsoft reacted immediately and created a proposal for a solution (hotfix), which solves the problem itself, but it leads to the fact that all shortcuts lose their icon. This is very impractical and not a satisfactory workaround to the problem. The “G Data LNK Checker” solves this problem.
G Data Software AG Celebrates 25 years
G Data Software AG, with its head office in Bochum, is an innovative and quickly expanding software house focusing on IT security solutions. As a specialist in Internet security and pioneer in the field of virus protection, the company, founded in Bochum in 1985, developed the first antivirus program over 20 years ago and in 2010 is celebrating its 25th birthday.
Consequently G Data is amongst the eldest security software companies in the world. Over more than five years, no other European security software provider has won national and international tests and awards more frequently than G Data.
The product range comprises security solutions for end customers as well as medium to large-sized enterprises. G Data security solutions are available worldwide in more than 60 countries. www.gdatasoftware.co.uk.
Editorial contact
G Data Software AG Press Service
Daniëlle van Leeuwen
PR Manager G Data Benelux & UK
Tel. +31 (0)20 84 55 163
E-mail: danielle.van.leeuwen@gdata.nl
Twitter: g_data_software
For more information, visit: http://www.gdatasoftware.co.uk/support/downloads/tools.html
|
| Related Tags: G Data, windows vulnerability, lnk |
Disclaimer
If you have any questions regarding information in this press release, please contact the person listed in the Contact / Company information box of this page. Please do not attempt to contact Market Press Release. We will be unable to assist you with any information regarding this release. Market Press Release disclaims any content contained in this press release.
|
Business
![[Valid RSS]](images/valid-rss-rogers.png "Validate my RSS feed")
