Microsoft has confirmed a new, highly dangerous zero-day vulnerability that has caused multiple researchers to issuing warnings. The exploit is a whopper on all levels.
It comes into the enterprise via hidden files on USB sticks or via shared network files. It requires no user interaction to infect the system (simply viewing the icon is enough to trigger it). It propagates itself. It loads as a rootkit infection. It affects all Windows operating systems, even full-patched Windows 7 systems. It seems to target extremely sensitive information -- researchers say it seems to have been made for espionage. If all that weren't scary enough, a researcher has already published proof-of-concept code.
Anti-malware vendors are updating their software to add detection of the threat. Microsoft is among them. According to the Microsoft Malware Protection blog: "We have multiple signatures that detect this threat for customers using Microsoft Security Essentials, Microsoft Forefront Client Security, Windows Live OneCare, the Forefront Threat Management Gateway, and the Windows Live Safety Platform. "
Comments
0 comments
Please sign in to leave a comment.