
As we covered workaround to block .LNK shortcut vulnerability in Windows Shell exploited by Stuxnet Rootkit which has been released by Microsoft in their security advisory 2286198,good news is Microsoft offers Fix it for workaround to enable or disable .LNK Shortcut and PIF shortcut functionality.
So you need not require to manually disabling .LNK Shortcut as Microsoft Fix it does it for you.Due to applying Microsoft Fix it or workaround you may no longer see graphical representation of icons .
You can implement this workaround that disables .LNK Shortcut and .PIF file functionality automatically on a Computer running on Windows XP/Server 2003/Vista/Server 2008/Server R2.
For Microsoft Fix it to disable .LNK and .PIF file functionality click this link, if you want to disable workaround offered by Fix it click this link .You need to use the first link.
You need to restart your Computer after using this workaround to take affect on your Computer.
“disabling .LNK Shortcut” fix is its own barrel of diseased monkeys
users are not going to be thrilled at having zero graphical difference between shortcuts.
hardcoding anyone?
@Meh
Sophos released Windows Shortcut Exploit Protection Tool which not only detects and block shortcut exploits but also don’t disable the shortcuts like happens with use of Microsoft Workaround and Fix it tool.
Check this link
https://techdows.com/2010/07/download-sophos-windows-shortcut-exploit-protection-tool.html
@Venkat
Perhaps you missed the offhanded comment by sophos that their tool *only* monitors not-fixed discs.
In a situation where something is downloades from the interwebs by a user to a fixed disc seems not to be addressed — at least based on the description of the tool by sophos team
I really confused when I’ve seen articles about Microsoft patches some of Stuxnet’s vulnerabilites in 2015. Several years ago when I was working in a network security project I was researching about the mechanisms Stuxnet spreading through USB and networks I watched a video there one of Microsoft team member Bruce Dang mentioned in a conference we had knew about the Stuxnet but we weren’t allowed to talk about it till now (2010). but now days that everybody knows about the Stuxnet and its mission is finished, why Microsoft haven’t patched its vulnerabilities forever? is there something remained unmentioned about the Stuxnet mission?
I searched a lot to find the exact video I had watched that time which contained much more knowledge about the role of Microsoft in responsibility of postponing patching the vulnerabilities Stuxenet was using but I couldn’t find it yet. however the above video contains some admissions from one of Microsoft members.