Windows has an 8-year-old security issue that is exploited and known by Microsoft for some time
Microsoft is doing a commendable job when it comes to Windows security. Keeping billions of devices secure is no small feat. Sometimes, however, it appears that someone at Microsoft is pushing the brakes regarding specific vulnerabilities.
Take the following attack method as an example. It is a vulnerability in .lnk shortcuts that is exploited to trigger malware downloads. It was discovered by Trend Micro in 2024 and reported to Microsoft in September 2024.
Security engineers at Trend Micro say that the issue has been exploited since at least 2017 and that they have already found almost 1,000 of these links in the wild.
According to Trend Micro, these links contain megabytes of whitespace characters to fool antivirus and other security solutions. Attacks come from four countries only -- North Korea, China, Russia, and Iran -- according to the researchers. Trend Micro revealed that the vast majority of attacks come from state-sponsored attack crews and fall in the information theft and espionage category. Governments were targeted the most, followed by the private and financial sector, think tanks, and telecommunications.
The attackers download and install different malware payloads on successfully exploited systems. Among them are notorious payloads and loaders such as Lumma Stealer or GuLoader.
Microsoft has not acted on the provided information. Trend Micro says that it decided to go public with the information because of Microsoft's inactivity. The threat "poses a significant risk to the confidentiality, integrity, and availability of data maintained by governments, critical infrastructure, and private organizations globally" according to the researchers.
Microsoft classified the issue as low severity according to Trend Micro, indicating that the issue may not be patched in the "immediate future".
In a comment to The Register, a Microsoft spokesperson encouraged customers to "exercise caution when downloading files from unknown sources".
Shortcut files can be analyzed on local Windows systems. The problem with the disclosed vulnerability is that the link files are specially crafted, which means that the user won't see the exploit when analyzing the shortcut, according to Trend Micro.
Some security solutions may recognize these malicious shortcuts already, others may do so in the near future.
Now You: what is your take on this? Should Microsoft develop a fix and release it? Feel free to leave a comment down below.