Windows LNK Vulnerability. - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 28

Thread: Windows LNK Vulnerability.

  1. #11
    HYBR|D
    Guest

    ZIIINGA'H

    ZIIIING... Sorry but i find this very very very very amusing.

    Quote Originally Posted by SnugglesTheBear View Post
    Have you ever even heard of a drive-by downloading attack T-spec?

  2. #12
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    Quote Originally Posted by The-Spec View Post
    This flaw isn't going to have the effect of lets say... adobe products. And explorer itself couldn't be effected remotely since it uses default icons as a represention of files that aren't directly located on the drive. It would have to already be on disk and displayed within a file menu to take any sort of effect.
    Upon reading http://www.microsoft.com/technet/sec...y/2286198.mspx, the link states the following under the faq and I quote "How could an attacker exploit the vulnerability?
    An attacker could present a removable drive to the user with a malicious shortcut file, and an associated malicious binary. When the user opens this drive in Windows Explorer, or any other application that parses the icon of the shortcut, the malicious binary will execute code of the attacker’s choice on the victim system.

    An attacker could also set up a malicious Web site or a remote network share and place the malicious components on this remote location. When the user browses the Web site using a Web browser such as Internet Explorer or a file manager such as Windows Explorer, Windows will attempt to load the icon of the shortcut file, and the malicious binary will be invoked. In addition, an attacker could embed an exploit in a document that supports embedded shortcuts or a hosted browser control (such as but not limited to Microsoft Office documents). "

    I do believe the attack I describe fits within the scope of the second paragraph.
    Last edited by SnugglesTheBear; July 23rd, 2010 at 05:30 PM.

  3. #13
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    *runs to get popcorn*
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  4. #14
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    LOL, am I the only one pissing myself laughing? Come on, people have been bashing Microsoft for security since... Well, long before I came along to take the torch and haz burnination lol.

    Remember when you had to actually open an email, download the attachment, and then run the thing the idiot who sent it to you named "Yea suck on this *******.exe" lol.

    Good times... Apparently you can't even double click anymore! Oh no! I wonder if Apple will make some more of those idiotic ads they love so much about how Mac's only have one button and that might make them safer. And of course how "PC" was always sick with a virus and told Mac to get away and he'd be a jack ass and say he couldn't be infected. Man these people....
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  5. #15
    Banned
    Join Date
    Jan 2008
    Posts
    605
    Its not something that would "show up on a web page". And when you connect to shared directorys in IE it uses the default icons associated with these files. Browsers haven't automaticly opened word documents and pdf files since 1998.

    Why try to up-play this to the point of outright lies?

  6. #16
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    Hummm.......

    [["drive-by"]["road apples"]]

    I'd like extra butter on mine, Westin!

    If you are a M$ shop and you host your Exchange server and your Domain is 2000 or above (If you're still NT then stop reading and go out back and quietly shoot yourself)

    This statement should be true even if you learned networking from Jim Bobs School of Networking and Fish and Tackle Supplies:

    It is impossible to send .lnk files in email and when you insert any removable drive or a CD/DVD into a computer NOTHING HAPPENS. (Cause autorun is disabled)

    AD Policies people - AD Policies.

    Yea and screw the home user. You picked up the road apple you clean it up.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  7. #17
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    Maybe I was not clear on how the attack would execute and thus the source of the argument. >.< What I was trying to state was that a malicious website has the victim download unknowingly two components onto the victims machine, the .exe and the .lnk. When the victim navigates(or in some circumstances if the browser automatically opens up the folder) to his/her downloads folder or wherever they put it, the .lnk exploit will trigger and then the malicious .exe will execute. :/

  8. #18
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    the .lnk exploit will trigger and then the malicious .exe will execute. :/
    I am sure this can be mitigated by not running\browsing\surfing as administrator....

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  9. #19
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by morganlefay View Post
    I am sure this can be mitigated by not running\browsing\surfing as administrator....

    MLF
    Oh good! So only 99% or so of people are at risk as opposed to.. Oh... And, you know, pre-Windows 7 default installations having the Admin account logged in by default without any password whatsoever, and no user adding panel like other OSs, and the general "If you don't want to browse as admin, or do anything like that, well, you CAN do it, but since 99% of you in the Home Computer Market have no idea why, or how, a Computer works, or why, or how, you shouldn't do this, and instead of trying, we'll make the ADMIN account, log in not only as the default account, we won't put a password on that either, and if you do want to, all you have to do is get into the user and account area of Control Panel, and set a password, and make a user for yourself that isn't admin, even though you type your normal name to log in and..."....

    I can't imagine more than 2 or 3 people out of 3,000 even getting through half of that without saying screw it and leaving it alone.

    I brought this up already and pointed it out, but just because Windows CAN be locked down, doesn't mean it is, and auto log in, though neat for those who don't care about a password.... It works great on Linux, where the Root account isn't the default by any means, and you have to add a non root user, and then you can have THAT account auto log in...

    It's not that Auto Login is a terrible idea, I know why people like it, they don't have to do anything! It's like those days of Windows 9X where clicking on Cancel would let you in just as well as the password.... (Remember Profiles? Lol)....

    In other words, sure, for those of us who know what we're doing with a Computer, this thing is probably crap, but for literally more than 90% of the Home Users? Pffft.

    If the solution was as simple as "Well don't use the admin account" you'd be out of a job.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  10. #20
    Banned
    Join Date
    Jan 2008
    Posts
    605
    Its still dog doo-doo when it comes to permissions though. Your allowed to read, execute, and write (but not modify) almost anything you want as nobody. Under a guest account in windows your not given write access to anything at all.

Similar Threads

  1. Whats a good stable OS?
    By s3nate in forum Operating Systems
    Replies: 25
    Last Post: July 20th, 2004, 10:32 AM
  2. Usefull Windows XP, 2k, NT, and 9x tips and tweaks
    By Cybr1d in forum Miscellaneous Security Discussions
    Replies: 11
    Last Post: June 10th, 2004, 12:09 AM
  3. Windows Tweaks II
    By DeadAddict in forum Other Tutorials Forum
    Replies: 3
    Last Post: November 18th, 2003, 12:20 PM
  4. Operating System Selection
    By TheFiend in forum Miscellaneous Security Discussions
    Replies: 30
    Last Post: June 14th, 2003, 11:08 PM
  5. MS 1st critical update of 2003
    By qwerty_smith in forum Microsoft Security Discussions
    Replies: 1
    Last Post: February 5th, 2003, 08:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides