Malware Writers Targeted Patched Windows Shortcut Bug in August
eWeek, By Brian Prince
Attackers had their eyes fixed on the Windows .LNK shortcut vulnerability in August, accounting for three entries on Kaspersky Lab's list of the top 20 most prolific malicious programs during the month.
Reports of the vulnerability first became public in July, with the revelation of the Stuxnet worm. Two of the three pieces of malware directly exploit the flaw, while the third is a Trojan dropper that uses it to propagate and install the latest version of the Sality virus. Though Microsoft patched the vulnerability Aug. 2, the three pieces of malware ended up ranking ninth, 12th and 17th.