USB Virus now spreading via internet browser?

well, have sent a note off to microsoft and a few others, because was a pretty big surprise today to get the new usb-transfer virus via a website.

new vulnerability in windows was found on july 21st.  within one week, google, firefox, and safrari browsers updated their builds.  cisco released a security advisory.

my understanding of the vulnerability is limited.  but what it is, is a file that shows as a shortcut in windows.  and you don’t even have to click on it, just having it on a list when you open windows explorer, will launch the virus.

now, according to CNET …. so far the only use being made of this windows vulnerability is a shortcut that can pass from computer to computer via usb stick only.  and the virus is specifically designed to gather information from manufacturing plants on their designs, and then email those designs back to the maker of the virus.  basically an industrial espionage thing.

but today …. when i logged onto a site, my mouse started freaking and the browser tried to download a windows calendar file, when there was no such link on the web page.  then each mouse device (including my tablet) was stuck in auto-click mode.  that’s when it clicks wherever you stop your mouse.

the cnet article mentions that it might be a week or more before windows patches the vulnerability.  my recommendation is that all computer users stay off windows for a week.

and yes, it’s that bad.  they can execute anything on your machine with this vulnerability.  windows gives steps to prevent, by disengaging your autoplay.  but all the options and steps don’t work on windows 7.  lol …. and since it looks like the virus is now being used and downloaded via browser …. disengaging the autoplay will not help.

i got lucky …. the one i stumbled on generated a window asking me how i wanted to run the file …. so i was able to cancel the attempt to download something to my machine.  but a shortcut now sits on my temp files, that is very very likely a new version of virus exploiting the windows LNK vulnerability.

i’m waiting to hear back from my anti virus company …. and like said, this is bad.   thing cnet did wrong, was they advertised that the W32-stuxnet virus mechanism could be used to spread other trojans …. is basically a new way to spread any internet virus.

until windows finds a way to patch that vulnerability ….

and wasn’t a big deal as long as the new mechanism was passing via usb stick only.  but since this episode i had this morning, with a shortcut file being deposited to my temp file via internet browser ………. *shakes head*



Feedback always welcome

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s