Friday, July 30, 2010

SOFTWARE: A Kludge for the LNK Issue

The internet has been abuzz with the news that Windows has a serious security issue with icons of all things. It's possible to just LOOK at a web-site or even stick in a disk or thumbdrive and get hammered by ill-meaning software. The problem relates to how Windows has handled LNK (aka shortcut) files since time immemorial. It's been broken forever.

And now the bad guys know that.

Microsoft either can't find a solution that works across all versions of Windows (and they are morally responsible to fix even out-of-service versions) OR it's stubbornly sticking to its regular patch schedule of the second Tuesday of each month. Neither explanation is good.

There have been a couple of attempts to skate around the issue. Microsoft itself detailed a long list of mods you could make to your system that would ultimately turn all icons into white squares. Ugggh! I found another complex solution called Ariad that was better. But still, too complex for the layperson ... or me.

Then today, Sophos stepped up. The Anti-virus makers now have a tool that is easy to install and will work in the time til Microsoft gets its solution out to the public (and let's hope it wasn't reason number one, above). You can find it here. Take a look at the video. And re-iterating what it says, you don't need to be using Sophos Anti-Virus. This will work with any AV product.

Even Microsoft's.

DO NOT DELAY. This exploit's out in the wild and it's one that usually safe practices will still fall prey to. And I do NOT have the time to fix anybody's computer right now.

No comments: