Just a short question: Is Avast 5 able to prevent from the new zero-day exploit? Are there any definitions out yet? Or is it impossible to block such attacks generally because no special file has to be executed?
An ordinary detection, i.e. file scanner / mail scanner / web shield / …
Well, some patterns always have to be matched - otherwise the exploit wouldn’t work at all
But yes, even currently unseen variants are detected.
Nobody can say that, of course - it’s impossible to say what modifications appear in the future.
Partially yes. The thing is that this whole “vulnerability” is not really a bug - but rather a feature. Some users have basically the same non-malicious link files on their disks; some printer/modem installers create them. So, we use the community submissions to (silently) check for false alarms before making the detection too general (i.e. covering more than we really want).
If anyone wants to protect their PCs against unknown new variants of the exploit until Microsoft releases a fix,
some AV vendors have released a tool that checks lnk-files for the exploit.