Lumension® Endpoint Intelligence Center

Shortcut parsing glitch used by Equation group re-patched by Microsoft

2015/03/11

Softpedia - (International) Microsoft fixed a shortcut parsing vulnerability in Windows that Kaspersky Labs researchers discovered had been in use since 2008 in large-scale cyber-espionage activities involving the Equation group and the Fanny worm. Microsoft corrected how Windows handles dynamic link library (DLL) files to patch the vulnerability, which allowed attackers to infect systems by creating malformed shortcut (LNK) files loaded from a malicious DLL that would execute automatically when opened.

Source: http://news.softpedia.com/news/Shortcut-Parsing-Glitch-Used-by-Equation-Group-Re-Patched-by-Microsoft-475479.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:41