CPLINK

CPLINK and Win32/CplLnk.A are names for a Microsoft Windows shortcut icon vulnerability discovered in June 2010 and patched on 2 August[1][2] that affected all Windows operating systems. The vulnerability is exploitable when any Windows application that displays shortcut icons, such as Windows Explorer,[3] browses to a folder containing a malicious shortcut.[4] The exploit can be triggered without any user interaction, regardless where the shortcut file is located.[4][5]

In June 2010, VirusBlokAda reported detection of zero-day attack malware called Stuxnet that exploited the vulnerability to install a rootkit that snooped Siemens' SCADA systems WinCC[6] and PCS 7.[7] According to Symantec it is the first worm designed to reprogram industrial systems and not only to spy on them.[8]

References

  1. ^ "Microsoft Security Bulletin MS10-046 - Critical / Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)". Microsoft. 2 August 2010. Retrieved 21 November 2011.
  2. ^ "Microsoft issues 'critical' patch for shortcut bug". BBC News. 2 August 2010. Retrieved 21 November 2011.
  3. ^ "Encyclopedia entry: Exploit:Win32/CplLnk.A". Microsoft. Jul 16, 2010. Retrieved 27 July 2010.
  4. ^ a b Wisniewski, Chester (2010-07-27). "AskChet, Episode 2, July 26, 2010 - Sophos security news". SophosLabs. Retrieved 27 July 2010.[dead YouTube link]
  5. ^ Wisniewski, Chester (2010-07-26). "Shortcut exploit still quiet - Keep your fingers crossed". Sophos. Archived from the original on 1 August 2010. Retrieved 27 July 2010.
  6. ^ Mills, Elinor (2010-07-21). "Details of the first-ever control system malware (FAQ)". CNET. Retrieved 21 July 2010.
  7. ^ "SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan". Siemens. 2010-07-21. Retrieved 22 July 2010. malware (trojan) which affects the visualization system WinCC SCADA.
  8. ^ "Siemens: Stuxnet worm hit industrial systems". Retrieved 16 September 2010.{{cite news}}: CS1 maint: deprecated archival service (link)

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.