CPLINK
CPLINK and Win32/CplLnk.A are names for a Microsoft Windows shortcut icon vulnerability discovered in June 2010 and patched on 2 August[1][2] that affected all Windows operating systems. The vulnerability is exploitable when any Windows application that display shortcut icons, such as Windows Explorer,[3] browses to a folder containing a malicious shortcut.[4] The exploit can be triggered without any user interaction, regardless where the shortcut file is located.[4][5]
In June 2010, VirusBlokAda reported detection of zero-day attack malware called Stuxnet that exploited the vulnerability to install a rootkit that snooped Siemens' SCADA systems WinCC[6] and PCS 7.[7] According to Symantec it is the first worm designed to reprogram industrial systems and not only to spy on them.[8]
References
- ↑ "Microsoft Security Bulletin MS10-046 - Critical / Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)". Microsoft. 2 August 2010. https://technet.microsoft.com/en-us/security/bulletin/MS10-046. Retrieved 21 November 2011.
- ↑ "Microsoft issues 'critical' patch for shortcut bug". BBC News. 2 August 2010. https://www.bbc.co.uk/news/technology-10837232. Retrieved 21 November 2011.
- ↑ "Encyclopedia entry: Exploit:Win32/CplLnk.A". Microsoft. Jul 16, 2010. http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3aWin32%2fCplLnk.A. Retrieved 27 July 2010.
- ↑ 4.0 4.1 Wisniewski, Chester (2010-07-27). "AskChet, Episode 2, July 26, 2010 - Sophos security news". SophosLabs. https://www.youtube.com/watch?v=-o7viVkGoZ0. Retrieved 27 July 2010.[|permanent dead YouTube link|dead YouTube link}}]
- ↑ Wisniewski, Chester (2010-07-26). "Shortcut exploit still quiet - Keep your fingers crossed". Sophos. http://www.sophos.com/blogs/chetw/g/2010/07/26/shortcut-exploit-dormant-fingers-crossed/. Retrieved 27 July 2010.
- ↑ Mills, Elinor (2010-07-21). "Details of the first-ever control system malware (FAQ)". CNET. http://news.cnet.com/8301-27080_3-20011159-245.html. Retrieved 21 July 2010.
- ↑ "SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan". Siemens. 2010-07-21. http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=view. Retrieved 22 July 2010. "malware (trojan) which affects the visualization system WinCC SCADA."
- ↑ "Siemens: Stuxnet worm hit industrial systems". http://www.computerworld.com/s/article/print/9185419/Siemens_Stuxnet_worm_hit_industrial_systems?taxonomyName=Network+Security&taxonomyId=142. Retrieved 16 September 2010.
External links
- Microsoft Security Advisory (2286198) concerning the Windows vulnerability exploited by CPLINK.
- Infoworld article Is Stuxnet the 'best' malware ever?
 |  |
