New Flaw in Windows Facilitates More DDOS Attacks

Dr. Roy Schestowitz

2010-07-27 22:03:18 UTC
Modified: 2010-07-27 22:03:18 UTC

Summary: Shoddy Microsoft software continues to provide opportunities for disgruntled people to attack and take down servers they dislike

ANY Windows botnet which is enabled by "Zeus" (Zeus is known to be a cause of DDOS attacks) is already taking advantage of Microsoft's latest severe flaw which affects even fully patched Windows:

Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut handling flaws in Windows. It was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems.

No patch is available yet:

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

More here:

Slovakian security firm Eset reports the appearance of two malware strains that exploit security vulnerabilities in the way Windows handles .lnk (shortcut) files, first used by Stuxnet to swipe information from Windows-based SCADA systems from Siemens.

We covered those SCADA incidents earlier today. This has a serious impact on the world's energy, not to mention those BP BSODs which we've already covered in [1, 2, 3].

The damage costs a lot of money and time (which can be equated to money) and the security world is "ill-equipped to solve digital whodunnits," reports The Register.

“A lot of those efforts are very unqualified and pedestrian,” said Parker, who is director of security consulting services at Washington, DC-based Securicon. “There's really not any science behind the efforts that many people have been making recently that have resulted in stories like China is attacking us, Russia is attacking us, Korea is attacking us.”

It is really hard to know where DDOS attacks come from these days. People don't control their Windows PCs, which can be hijacked and chained back to some botmasters whose interests are not known.

Georgia has an unfortunate DDOS story to tell about its national infrastructure; after years of investigation it is still not perfectly clear if the Russian government had something to do with it or not. One youngster claims responsibility, but can he be believed? It can be hard to verify. And if one youngster can paralyse an entire nation, what does that teach us about those Windows zombies he used? ⬆

GAFAM is Drowning in Debt, GAFAM is Clearly Not Sustainable Anymore (It Runs on Borrowed Money and Bailouts): The war and surrender in Iran will deepen the debt; we'll see the GAFAM reports in late July
Microsoft at 50 Follows the General Trajectory of Skype: How many years does Microsoft have left before payroll becomes impossible?
Cybersecurity Does Not Mean Asking Microsoft for Permission to Boot: There were very good and timely reasons to speak about the matter, including impending antitrust complaints against Microsoft
Chad's Move to GNU/Linux or the Point of Exceeding 5% "Market Share": experienced centuries of being colonised
Gemini Links 21/06/2026: Dating Oaks, Paying With Cash, and "More on Withered Technology": Links for the day
GAFAM Was Never an Ally to Europe: Only 1 in 10 Europeans see US as an ally — study [...] military providers in "tech" clothing cannot be trusted
GitHub, LinkedIn, and XBox Will Finish Like Skype (Sustainability Crisis): Skype should become a verb. When Microsoft 'Skypes' something it means it basically shuts it down with some temporal excuse/s.
Drowning in Garbage: AUR Shows That Too Much Low-Quality Software (Including Slop) is Bad for Everybody: What happened in AUR had happened elsewhere before and will happen again in the future
Links 21/06/2026: EU on Patented (Monopolised) Crops, Microsoft Software "Narcs on You to Your Boss": Links for the day
A Year After a Microsofter Took Over The Register MS It is Effectively a Content Farm With News as a 'Side Dish': This is not journalism, this is spam
IBM Pays the Media and Cons Some 'Journalists' Into Participating in "Quantum" Spam: "The Boy Who Cried Wolf"
You Don't Need an 'App' for Your Birdhouse (Slopfondlers Come for Birds): That they sell those things as "AI" really says a lot about how dishonest slopfondlers really are
SLAPP Censorship - Part 113 Out of 200: The United Kingdom is Not Turkey: Turkey is ranked almost worst in the Western World for press freedom
Links 21/06/2026: Bots from Alibaba Do Harm and Many Xbox Games Are Being Cancelled: Links for the day
5 Years After Release of Vista 11 Not Even One in 5 People Use It (in the US): It doesn't look like Vista 11 will ever be adopted like prior versions and announcing a Vista 12 will mostly upset companies/organisations that only recently "upgraded" to 11
Gemini Links 21/06/2026: Boca Raton, Perfect Summer Day, and LLM Doing Things Poorly: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, June 20, 2026: IRC logs for Saturday, June 20, 2026
Microsoft Insiders - Not Limited to XBox - Expect a 'Bloodbath' (Their Own Word): This isn't limited to XBox
Reports of "PIP" as Means of Mass Layoffs at IBM This Year: some insights into the PIPs
SLAPP Censorship - Part 112 Out of 200: Strangles Women, Then Refuses to Even Attend Any of His Own Hearings About It: It is meanwhile very apparent that Brett Wilson LLP is becoming a "mench sphere"
Gemini Links 20/06/2026: "There Was Never Supposed to Be a Camera" and "What Is A Programming Language"?: Links for the day
Geminispace Reaches Its 8th Year, Today It Has Turned 7: Gemini Protocol 'went live' 7 years ago, just before the COVID-19 pandemic
Links 20/06/2026: "Full Page Paralysis" and "Hopes For Xbox’s Future Might Be Over Before It Even Begins": Links for the day
European Patent Office's (EPO) Strikes "at a Scale not Seen Since Battistelli", European Patent Grants Down by Over 25% in Past 3 Months: The actions are effective
Real Security Elusive, Microsoft Layoffs to Coincide With Certificate Apocalypse: July 1
Links 20/06/2026: Microsoft's "Year of Shame" and "Feed the Writers": Links for the day
2026 is a Year of Strikes at the European Patent Office (EPO): As it stands at the moment, to many people the EPO represents crime, not law
Web Browsers Are Technically Bloatware (No Matter What Runs in Them): Don't make it a society that shames people into using a Web browser where none should be needed
Fedora Has Changed a Lot Since I Last Used It (IBM Dominates Almost Everything, IBM Agenda Displaces Community Goals): "It is effectively 100% run by Red Hat/IBM employed people... even when they are community-elected representatives."
Andy (Cyber Show) on His Teacher Who "Squeezed Every Last Drop Out of Life, With Gratitude, Humility, Generosity and Mettle": Some call them "eccentric" and are dismissive about what they have to offer
Only 1.5% Oppose the European Patent Office's (EPO) Strikes and Other Industrial Actions Until 2027: Among those polled/surveyed (in a ballot)
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, June 19, 2026: IRC logs for Friday, June 19, 2026
Gopher/Gemini Links 20/06/2026: Slop With Tcl/Tk and Nokia 770 Perishes: Links for the day
SLAPP Censorship - Part 111 Out of 200: Garrett and Graveley (the Latter Arrested for Strangling Women) Keep Ousting Their Collaboration in Litigation, Lawfare in a Foreign Continent: it's not law, it's just warfare disguised as "law"
European Patent Office (EPO) Series: Lobbying in Lisbon...: reappointment campaign lobbying has not been restricted to the "home front" in Portugal
Slop Making Its Way Into Terms Where It Does Not Belong: Hopefully by year's end Google News can successfully cull (and deprive of traffic) almost all slopfarms
Links 19/06/2026: Microsoft Patent Troll Intellectual Ventures in Europe, "World Cup of Internet Resilience": Links for the day
Links 19/06/2026: Salesforce Data Thefts and GAFAM's Conspiracy Theories That Data Center Opposition is a Foreign Plot: Links for the day
Links 19/06/2026: The Retweeting Class and Data Centres as National Security Risk: Links for the day
Don't Attack the Wives (or Spouses) of Pundits/Activists/Journalists: We will be writing several series about this in the future
Society Will Only Improve Owing to People Who Push Boundaries: Push boundaries with ideas and facts, not with forbidden language
Internet Relay Chat (Shorthand IRC) is Still Growing: Contrariwise, social control media is waning
The Register MS Published a New Page With "AI" 21 Times in It. It Was Paid SPAM.: The former editor of the The Register MS admitted to me (directly) that he knew all this "AI" stuff was stupid hype
Murdoch's Wall Street Journal (WSJ) Associates Dependence on a Ponzi Scheme With "the Future": Those ludicrous ads (disguised as rankings) from WSJ deserve scorn and ridicule
The XBox Story is Still Fast-Developing, the Layoffs Are Confirmed to be Happening Already (Mid-June), Just Not "Officially": Workers have Microsoft have long braced for what is happening this summer and will accelerate further in two weeks' time
Fake News From Rupert Murdoch's WSJ Could Not Keep IBM From Sinking: "2026 Best Companies for the Future"?
To GNU, AV2 Adoption May be a Year If Not Years Away: The leap between versions means that there is fertile ground for incompatibilities
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, June 18, 2026: IRC logs for Thursday, June 18, 2026
Gemini Links 19/06/2026: "Born and Raised by the Internet", Fifteen Years in Gopher: Links for the day

New Flaw in Windows Facilitates More DDOS Attacks

Recent Techrights' Posts