Antivirus Advice - advices to keep your computer safe

Cyber criminals abuse an open security vulnerability in all Windows versions to inject malware into PCs

Tettnang, 21 July 2010 – In Windows operating systems there is currently a vulnerability which attackers can abuse to smuggle in viruses. It suffices to open a specially prepared USB stick or a folder containing a manipulated link with Windows Explorer, warns IT security expert Avira, whose security software protects from this threat.

For the security vulnerability in the processing of file links (.lnk files) within all supported Windows operating systems, Microsoft released a security advisory; an update to eliminate this vulnerability is not yet available, though. The company currently merely provides a guide to deactivate a Windows service as well as the defective processing routines for the .lnk files, which seems to be too complicated for the most users and poses the risk to render the system unusable by a small error. Additionally, the start and quick start menu show a standard icon for all programs after the procedure, which decreases usability significantly.

Thorsten Sick, Product Manager at Avira, recommends to use up-to-date antimalware: “Avira protects users from this threat by detecting and blocking malware which abuses the vulnerability with heuristic analysis. Avira herewith delivers proactive protection against this vulnerability, already without requiring special virus definition updates.” Malware of this kind is detected by Avira as EXP/CVE-2010-2568.A and EXP/CVE-2010-2568.B, respectively.

The security vulnerability was abused by a Trojan at first which Avira detects as RKit/Stuxnet.A. It can, for instance, spread via USB sticks. The malware becomes active just by opening the USB stick with Windows Explorer. Meanwhile, there is Proof-of-Concept code available on the Internet which cyber criminals can put into their malware to abuse the vulnerability. It is very likely that more malware will show up in the next days abusing this security hole.

The basic protection of Avira AntiVir Personal detects and blocks the dangerous malware. Avira AntiVir Premium offers a higher protection level for € 19,95. The integrated WebGuard and MailGuard block the malware even before it reaches the web browser or mail program. The Avira Premium Security Suite for € 39,95 also protects from these threats and additionally contains a firewall, parental control and a backup solution – so that users can restore their important data.

About Avira

Avira GmbH is a leading global provider of IT security solutions for professional and private use. With over twenty years of experience, the company is one of the pioneers in this field. As a founder member of the “IT Security made in Germany” association (ITSMIG e.V.), Avira has guaranteed that it will only provide IT security products that leave no room for data espionage.

The German IT security expert has its headquarters in Tettnang on Lake Constance and maintains several offices throughout the world. Avira employs around 300 people and its free Avira AntiVir Personal antivirus protection represents a significant contribution towards security and is used by over 100 million private users.

The domestic and international clientele is formed by well known companies listed on the stock exchange, many small and medium-sized companies, as well as educational establishments and government authorities. Apart from protecting the virtual environment, Avira promotes the Auerbach Foundation for greater security in the real world. The Auerbach Foundation supports charitable and social projects, as well as art, culture and science.

Related Posts

1. Critical vulnerability in Windows Help and Support Center – no patch available
2. Old vulnerability in Apple’s QuickTime Player allows remote code execution for Windows systems
3. Exploits for .LNK vulnerability are growing fast
4. Several Windows applications vulnerable due to Insecure Library Loading
5. Critical vulnerability in Adobe Reader and Acrobat