Content
Exploit-CVE2010-2568
- Type
- Trojan
- SubType
- Exploit
- Discovery Date
- 07/21/2010
- Length
- Varies
- Minimum DAT
- 6050 (07/21/2010)
- Updated DAT
- 6088 (08/28/2010)
- Minimum Engine
- 5.4.00
- Description Added
- 07/21/2010
- Description Modified
- 07/23/2010 3:41 PM (PT)
Tab Navigation
Characteristics
This is a heuristic detection for exploits that targets a specific vulnerability in the Microsoft Windows Shell as described in CVE-2010-2568. At the time of research, known malware has been discovered to be exploiting this vulnerability in the wild, which allows arbitrary code execution via a maliciously crafted .lnk file. They have been noted to spread via removable USB drives, and potentially could be used over shared folders, WebDAV or other similar means. Please look here for more details on CVE-2010-2568 and the vendor's advisory: The current Stinger also provides detection for .lnk files exploiting the CVE-2010-2568 vulnerability:
Symptoms
- Loading of executable components by viewing a folder containing .lnk files, without clicking on them.
Method of Infection
This trojan targets a specific vulnerability in the Microsoft Windows Shell as described in CVE-2010-2568.
Removal
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Variants
Variants
N/A
All Information
Overview -
This is a heuristic detection for exploits that targets a specific vulnerability in the Microsoft Windows Shell as described in CVE-2010-2568. At the time of research, known malware has been discovered to be exploiting this vulnerability in the wild, which allows arbitrary code execution via a maliciously crafted .lnk file. They have been noted to spread via removable USB drives, and potentially could be used over shared folders, WebDAV or other similar means.
Characteristics
Characteristics -
This is a heuristic detection for exploits that targets a specific vulnerability in the Microsoft Windows Shell as described in CVE-2010-2568. At the time of research, known malware has been discovered to be exploiting this vulnerability in the wild, which allows arbitrary code execution via a maliciously crafted .lnk file. They have been noted to spread via removable USB drives, and potentially could be used over shared folders, WebDAV or other similar means. Please look here for more details on CVE-2010-2568 and the vendor's advisory: The current Stinger also provides detection for .lnk files exploiting the CVE-2010-2568 vulnerability:
Symptoms
Symptoms -
- Loading of executable components by viewing a folder containing .lnk files, without clicking on them.
Method of Infection
Method of Infection -
This trojan targets a specific vulnerability in the Microsoft Windows Shell as described in CVE-2010-2568.
Removal -
Removal -
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A