CPLINK explained
CPLINK and Win32/CplLnk.A are names for a Microsoft Windows shortcut icon vulnerability discovered in June 2010 and patched on 2 August[1] [2] that affected all Windows operating systems. The vulnerability is exploitable when any Windows application that display shortcut icons, such as Windows Explorer,[3] browses to a folder containing a malicious shortcut.[4] The exploit can be triggered without any user interaction, regardless where the shortcut file is located.[4] [5]
In June 2010, VirusBlokAda reported detection of zero-day attack malware called Stuxnet that exploited the vulnerability to install a rootkit that snooped Siemens' SCADA systems WinCC[6] and PCS 7.[7] According to Symantec it is the first worm designed to reprogram industrial systems and not only to spy on them.[8]
External links
Notes and References
- Web site: Microsoft Security Bulletin MS10-046 - Critical / Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198). 2 August 2010. Microsoft. 21 November 2011.
- Web site: Microsoft issues 'critical' patch for shortcut bug. 2 August 2010. BBC News. 21 November 2011.
- Web site: Encyclopedia entry: Exploit:Win32/CplLnk.A. Jul 16, 2010. Microsoft. 27 July 2010.
- Web site: AskChet, Episode 2, July 26, 2010 - Sophos security news. Wisniewski. Chester. 2010-07-27. SophosLabs. 27 July 2010.
- Web site: Shortcut exploit still quiet - Keep your fingers crossed. Wisniewski. Chester. 2010-07-26. Sophos. 27 July 2010. https://web.archive.org/web/20100801025002/http://www.sophos.com/blogs/chetw/g/2010/07/26/shortcut-exploit-dormant-fingers-crossed/. 1 August 2010. dead.
- News: Details of the first-ever control system malware (FAQ). Mills. Elinor. 2010-07-21. CNET. 21 July 2010.
- Web site: SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan. 2010-07-21. Siemens. malware (trojan) which affects the visualization system WinCC SCADA.. 22 July 2010.
- News: Siemens: Stuxnet worm hit industrial systems . https://archive.today/20120525053210/http://www.computerworld.com/s/article/print/9185419/Siemens_Stuxnet_worm_hit_industrial_systems?taxonomyName=Network+Security&taxonomyId=142 . dead . 25 May 2012 . 16 September 2010 .