Running Windows? Shut off shortcut icons.

Trend Micro’s ConterMeasures:

On the 16th of July Microsoft released Security Advisory 2286198 confirming an as yet unpatched vulnerability in Windows Shell that exposes all users of all current versions of Microsoft Windows to very real risk of attack and infection.

According to Microsoft “The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed.”  So what does that mean in plain language?

It means that if any user of Microsoft Windows opens a folder containing a shortcut which has been designed to exploit this vulnerability, they will be infected.  No opening of files required, simple browsing is enough.

Although Microsoft have stated that “This vulnerability is most likely to be exploited through removable drives” users should be on their guard against all shortcut files whose authenticity they cannot guarantee.  This same vulnerability could be exploited though contaminated file shares or something as simple as a malicious compressed archive such as a zip file.

Or a malicious shortcut on a web page, or even an Office document(!).^[1]

At this time there is no patch to fix this available. Microsoft does have a workaround here; applying it makes Windows display a generic icon rather than the application’s special one.

This exploit was first discovered in a trojan targeting Siemens SCADA control systems, but has now been spotted in the wild.

Elsewhere:
-----

Posted by: Old Grouch in Linkage at 17:16:11 GMT | No Comments | Add Comment
Post contains 322 words, total size 5 kb.

M.I.A. at the Indianapolis 500

Frank W. James has a put up great rant on the state of the IZOD Indy Car Series.  Too many good quotes to pull; just go read ’em both:

Posted by: Old Grouch in Linkage at 18:57:56 GMT | No Comments | Add Comment
Post contains 46 words, total size 1 kb.

Not that she needs MY help or anything...

Posted by: Old Grouch in Linkage at 16:36:14 GMT | Comments (1) | Add Comment
Post contains 12 words, total size 1 kb.

Nifty, nifty, Etch A Sketch is 50

Via:  Dr.Helen

Posted by: Old Grouch in Linkage at 01:32:27 GMT | No Comments | Add Comment
Post contains 21 words, total size 1 kb.

Return for regrooving

Tam, struck by a horrible thought:

...Is the phone going to ring and I’m going to answer it and say “I have miles to go and promises to keep,” in a flat monotone and then go do something horrible, like vote for Andre Carson, all because of some crap they taught me in second grade?

Yep, that’s pretty horrible, all right...

Posted by: Old Grouch in Linkage at 17:10:26 GMT | No Comments | Add Comment
Post contains 62 words, total size 1 kb.

#39: Murphy is alive and well

Posted by: Old Grouch in Linkage at 14:53:12 GMT | No Comments | Add Comment
Post contains 12 words, total size 1 kb.

Latest word from the climate kitchen

And a reminder:   “Consensus” isn’t the same as truth.

Posted by: Old Grouch in Linkage at 16:40:37 GMT | No Comments | Add Comment
Post contains 28 words, total size 1 kb.

Green where it shouldn’t be

Frank James spots an anomaly:

...You notice there are more than a few plants out there that have withstood the glysophate treatment and appear as healthy as all get out.

... I'm pretty sure it was soybeans last year, so there is zero chance those healthy plants represent “volunteer” corn from last year.

So, where did these healthy Round-Up tolerant plants come from?

From the seed bag.  This disaster perfectly illustrates how the seed companies are passing off impure seed to farmers who later get accused by our good ole corporate buddy, Monsanto, of pirating their precious seed and technology.

He has a picture, too.

You know, if our local newsies were interested in something besides shilling for the progressive agenda, somebody just might find the makings of a story here.

Posted by: Old Grouch in Linkage at 16:30:42 GMT | No Comments | Add Comment
Post contains 134 words, total size 1 kb.