Security researchers have found a new exploit which is being used in targeted espionage attacks. The attacks utilize a USB device as the attack vector, according to researchers at F-Secure.
“The rootkit uses a LNK file that infects the operating system when viewed by an icon rendering file explorer such as Windows Explorer or Total Commander,” writes Sean Sullivan, a researcher with F-Secure.
The attacks is capable of circumventing even fully patched computers running Windows 7, according to media reports.
“Many organizations have long since established policies for handing USB devices due to autorun worms,” Sullivan writes. “This new espionage attack seems to indicate the need for additional review. Disabling AutoRun/AutoPlay by policy is no longer a guaranteed safeguard.”