Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Microsoft > Security

August 11th, 2010, 13:57 GMT · By

Free Microsoft Security Tool Tackles Malware Targeting Windows .LNK 0-Day

SHARE:

Adjust text size:


Windows
Enlarge picture
Microsoft has updated a free tool it is offering Windows users enabling them to identify and remove infections produced by a specific list of malware in order to tackle some malicious code samples that have become associated with exploits for a recently patched Windows Critical zero-day vulnerability.

A new version of the Malicious Software Removal Tool is now available for download from the Redmond company.

The malware tackled by the latest release of MSRT has already been used by attackers in the wild in exploits targeting the now notorious Windows .LNK security flaw.

“Threats like Stuxnet, Vobfus, and Sality (…) have incorporated the use of the CVE-2010-2568 vulnerability fixed by the MS10-046 bulletin,” revealed Scott Wu, from the Microsoft Malware Protection Center.

“It’s clear that an increasing number of malware families are incorporating this vulnerability. Today’s MSRT release represents another step Microsoft is taking to cleanse the ecosystem of this infection vector,” Wu added.

The latest version of the Malicious Software Removal Tool has been released through Windows Update, but users can also get the tool as a standalone download. MSRT has always been available through the Microsoft Download Center, and the August 2010 update is no exception to this rule.

“We highly encourage our readers to apply all security updates to protect themselves from this and other vulnerabilities,” Wu recommended.

At the start of August 2010, the Redmond company released an out-of-band patch resolving the .LNK vulnerability. Not only was the security flaw Critical in itself but it was also being actively exploited in the wild.

“One of the threats using this vulnerability that we recently discussed is Sality. It is a virus (a.k.a file infector) and has the potential to infect many files on your computer, making the disinfection tricky and time consuming, since in many cases it must repair, not simply delete, the troubled files. Recall that MSRT is a “cleanup” tool. It does not provide Real-time protection,” Wu said.

Microsoft also provided a list with the specific malware samples tackled by MSRT following the August 2010 update:

Win32/StuxnetWin32/CplLnk 
Worm:Win32/Vobfus.gen!A 
Worm:Win32/Vobfus.gen!B 
Worm:Win32/Vobfus.gen!C 
Worm:Win32/Vobfus!dll 
Worm:Win32/Sality.AU 
Virus:Win32/Sality.AU 
TrojanDropper:Win32/Sality.AU 


The Malicious Software Removal Tool is available for download here.

Microsoft Security Essentials is available for download here.

Follow me on Twitter @MariusOiaga.

TELL US WHAT YOU THINK:

2,766 hits · 1 comment · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


Out-of-Band Patch Fixes Windows Critical .LNK Vulnerability
Patch the First Windows 7 SP1 Critical 0-Day Vulnerability
New Malware Exploiting Windows Shortcut (.LNK) 0-Day
Automatic Fix for Critical Windows 7 SP1 Beta LNK 0-Day Available

READER COMMENTS:


Comment #1 by: Guitar on 12 Aug 2010, 14:57 UTC reply to this comment

I was unable to download the MRT separately and get it to work. Looks like the download is a knowledge-base thing that will not execute by itself.

Regards,

Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use