Security firms Sophos and G Data have released a free, temporary patch for a critical zero-day vulnerability in Microsoft operating systems.
The vulnerability, which allows hackers to remotely execute malicious code on infected systems, can affect a PC if a user opens a seemingly harmless desktop folder that has an infected .lnk extension hidden inside it.
Sophos has released the Windows Shortcut Exploit Protection Tool, which, when installed, will alert users to any infected .lnk files on their system and prevent the malicious code from running.
G Data has released its LNK Checker tool, which is capable of blocking the automatic execution of malicious codes on a PC and will notify users of infected .lnk folder by highlighting the folder with a red warning signal.
In a statement to The Guardian, Graham Cluley, senior security researcher at Sophos, said: “The threat from the exploit is high as all a user has to do is open a device or folder – without clicking any icons – and the exploit will automatically run.”