Category Archives: Security

Microsoft Shell Exploit

The remote code execution warning was posted yesterday for Windows Shell on XP: Microsoft Security Advisory (2286198).

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the user clicks the displayed icon of a specially crafted shortcut. This vulnerability is most likely to be exploited through removable drives. For systems that have AutoPlay disabled, customers would need to manually browse to the root folder of the removable disk in order for the vulnerability to be exploited. For Windows 7 systems, AutoPlay functionality for removable disks is automatically disabled.

Turn off AutoPlay
It was no good anyway
Except for exploits

Update: Sophos says disabling autoplay is not an answer

Sophos senior technology consultant Graham Cluley told ZDNet UK that the rootkit circumvents preventative measures such as disabling autorun and autoplay in Windows.

“This waltzes around autorun disable,” said Cluley. “Simply viewing the icon will run the malware.”

Convert your mower to electric

I am unable to think of a single good reason to have a gasoline-powered lawn mower. Perhaps someone can enlighten me.

In the meantime, I noticed an excellent tutorial on how to convert gasoline mowers to electric, and recharge them with solar.

Solar Mower

Compare the silent, clean and simple electric/solar model to even the smallest lawnmower gasoline engines that pollute 93 times as much as an automobile engine.

The NYT points out that 6 million gasoline mowers were shipped into California in one year. That is the equivalent of 600 million car engines pumping toxic fumes and noise into residential areas. Why?

TNRXSafety Program

The Tennessee Prescription Safety Program uses tokens and registration to reduce prescription fraud. The state has the second-highest per capita prescription drug spending in the US.

Through the use of card swipe technology PSP will be the first in the country to immediately track the validity of a prescription in physician offices and pharmacies. The program uses the same technology utilized by financial networks to validate a credit card purchase.

The system is meant to give “warning signals” for problem patients and prevent common attack methods. Paper prescriptions can be easily modified, for example, whereas the cards are intended to be more resistant.