Taken from Examiner.com
Microsoft's Windows operating systems have recently been found to have a major security hole, a flaw so critical that it bypasses all Windows 7 security mechanisms. Chester Wisniewski of security company Sophos explains that:
"Lots of research has gone into it and most of the results are not good news for Windows users. It is important to think about this attack as two separate pieces, one that is a new zero-day vulnerability that could easily be adopted by any malware author, the other a unique payload that appears to be designed to go after some very specific infrastructure targets.
For corporate users (unless you run a power plant, water system or other SCADA system) the important part is the zero-day flaw. Warning: I am about to go a bit geeky.
The flaw is in how shell32.dll tries to load control panel icons from applets. By making a specially crafted shortcut pointing to a malicious file, you can make Windows Explorer blindly execute the malicious file when the location of the shortcut is merely browsed to. In this case the malicious file is a rootkit and a dropper that immediately hide the special shortcut (.lnk) files. Allowing executable code to load in the process of trying to retrieve an icon seems like a major oversight in the design of Windows."
Microsoft plans to update Windows 7 with a fix in the coming weeks. The big issue here, however, is that Windows XP and Windows 2000 have, as of last Tuesday, been removed from the list of supported products and will therefore continue to be at risk -- Microsoft has no immediate plans to update these older versions of Windows.
Particularly disturbing is Wisniewski's comment: "Having had the opportunity to play with it and see the simplicity with which it can be used, I suspect it will be too juicy a target to ignore." Great.