Exploit.CplLnk.Gen

SINTOMAS:

Presence of shortcut files on removable media or network shares

DESCRIPCIÓN TÉCNICA:

The detection is specific to lnk files (shortcut files) that make use of a vulnerability in the Windows operating system to execute arbitrary code. The vulnerability is caused by the routine that tries to display the icon for the shortcut file. In some cases, when the shortcut points to a module in the Control Panel, the operating system will try to load the module - to display the icon.  In order to exploit this vulnerability, a special shortcut file is crafted that will make the operating system  think that it points to some module in the Control Panel when in fact it points to amalicious module.

For the attack to be successfully carried out, the user has to view the file with Windows Explorer or other program that makes use of the shell32.dll functions in order to display the icon. The vulnerability is currently exploited by malware that BitDefender detects as Rootkit.Stuxnet.A.

INSTRUCCIONES DE LIMPIEZA:

Please let BitDefender disinfect your files.

ANALIZADO POR: