Microsoft has shared a number of vulnerable threats that are persisting in the Windows structures. These infections tend to infect all the different versions of Windows commercially available in the market including Windows XP, Windows Vista and Windows 7 on the frontline. The vulnerability is resultant of improper analysis of shortcuts that can result in the execution of malicious code when the user clicks on a shortcut icon changed. There seems to be an overall security hole in the system that will be able to infect the files not moving through any of the security scrutiny of the system when the shortcut file will be open.
The source:
The source to this infection is usually trough the USB because on most of the system, people have not disabled the auto run of USB devices and they run by themselves the moment you insert them or open them through the Windows Explorer. There seems to be not a single operating system in the whole of the Windows Line up that is safe from the infection. Windows 2000, Windows XP, Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008 are all active part of these infections. The virus does however work with the AutoPlay mode as well. It can connect an infected USB itself to the system and open the file that was last executed through the Windows Explorer or any other application. This execution will result into the generation of this attack. There are actually two files mrxnet.sys and mrxcls.sys that are credible of making such superb effects. These driver file have already obtained a certificate validation from the Verisign while the manufacturer is RealTek. The overall combination of the files along with the source of manufacturer and the driver certification sets no hurdle in the overall process.
History of attacks and precautions:
There have been a total of 6000 infection attempts recorded by now according to the official words that have come from the Microsoft Security Center. The malware Stunxnet has a strong connection with this infection and the relationship was discovered by a number of security companies such as VirusBlokAda. The best of the precautions that you can possibly do is to turn off the icons that are displaying shortcuts. This will make you careful about them. Windows XP users are being communicated through the website to upgrade to either of the Service Pack 3 or the latest version of Windows in order to be less open to the vulnerability. The server does not support Service pack 3 anymore.
There are even subtle chances that the hacker takes complete control of the system if the user is logged in as administrator and this will make him able to install software, view, modify or delete data or even create other administrative accounts on your system. You can avoid this by logging in through the normal user account and set yourself less open to the infection. There is by far, no news about a patch releasing to fix the issue in the very near future.
