For the past several years, the only real solution has been to install Linux.

Microsoft's fix doesn't "remove all shortcuts from the system" either. It disables display of their icons (Control Panel ones at least, I haven't tried it myself), leaving you with plain white squares apparently.

Sophos's solution takes the suspect icon out through an unused USB port at the back of your computer and waterboards it until it confesses. Drawbacks are that legitimate icons look pale and washed-out and your CPU suffers from chronic dampness, but it's better than having Johnny Pirate take over your computer and sail away to China with it. You see I can make up bollocks as well and it doesn't make me look clever, although I am.

Why aren't PIFs a problem? They can have icons in but I don't think they can do horrible things - then again, they may still be taken from evil DLLs. And anyway, Windows before now has had virus vulnerabilities in -graphics-, at least one such occasion being immediately after support ended for some Windows version - 95 or 98 I think - or in its best available version of Internet Explorer, so that you'd "have to" upgrade. Which makes us wonder whether they do it on purpose, and whether it's even real faults.

After my friends and relatives have been hacked a few times, I offer them the option of NOT getting hacked for a while - I offer them Linux.

Linux Mint, specifically, and most of them have not looked back. Windows is hopelessly broken, and this latest article is a terrific example of it.

It may not be for everyone, but most of those I've set up with it are very happy... And safe.

This is a REALLY old trick, that someone has played with. Dates back to win 95 i think, back in the day I'd hide my porn files using a control panel shortcuts. When they we're dbl clicked (etc), they would load up a control panel systems property. Also any logs looked normal.
A simple ren etc and your back up and running!

Good for hiding self exe zip files, with network games @ school back in the early 90s!

Don't take away my nerd cred, bloody hackers!

I Agree with you, I don't like the bland regurgitated news. Reason why I have been coming here for years.If only Shad could look outside the box and not have it nicely packaged.

Shad, this is a quirky tech news site. If you want boring truth then go elsewhere.

On the other hand if you like snide headlines, cheeky remarks and journalists who are not just regurgitating gushing pr then you might like it here.

"The Inquirer - News, Reviews, Facts and Friction"

Even in their own ingredients list the truth only makes up 25%!

Mr Latif's articles are sharp.

Sophos does not check the icon as it’s clicked; the problem is with rendering the icon. For an exploit to work, Windows only has to display the icon, the user does not have to do anything.

According to the video on the page you link to, Sophos have made their own icon handler for shortcuts. If you had bothered to watch it you would have known that.

It’s much better than Microsoft’s INTERIM fix which disables rendering of all icons.

As for Microsoft all but giving up on fixing the problem, where did you get that from? Can you cite a source?

The only thing I see being given up on is Journalism; why not apply for a job with the Daly Star? I’m sure you’d be right at home.