Malware Authors Seem Intent on Weaponizing Windows SettingContent-ms Files (bleepingcomputer.com)
An anonymous reader shares a report: Malware authors are frantically trying to weaponize a new infection vector that was revealed at the start of June. The trick relies on using Windows Settings (.SettingContent-ms) shortcut files in order to achieve code execution on Windows 10 PCs. Ever since SpecterOps security researcher Matt Nelson published his research on the matter three weeks ago, malware authors have been playing around with proof-of-concept code in attempts of crafting an exploit that can deploy weaponized malware on a victim's system. With each passing day, more and more exploits are being uploaded on VirusTotal.
Doesn't Microsoft have a bunch of people on staff that think like black hats (probably because they used to be them) with the task of looking for problems like this?
From the article:
"Nelson contacted Microsoft, but they do not consider this a vulnerability in the OS."
It gets better.
The actual extension name confuses at least one major email protection service and it won't catch an email containing it even if you do add it to your extension/type blocks. Test after blocking.
Also worthy of note - Chrome warns settingcontent-ms is a potentially dangerous file type if you download one (haven't tried other browsers yet.)
--- Mercutio was right.
Shit like this makes me sooooooo VERY happy I no longer allow ANYthing MS on any network I control...
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)