Eset, a security vendor, says that virus writers are capitalizing on a Windows vulnerability exposed by a recently discovered worm. The company says that two new families of malicious software have surfaced. The virus exploits a weakness in the operating system's processing of .link files, which are used to provide shortcuts to other files on the system.

The Stuxnet worm, which was the first to exploit the vulnerability, was discovered on computer systems in Iran. The sophisticated worm, which is partial to systems with Siemens industrial control system management software, steals SCADA (supervisory control and data acquisition) project files from Siemens' computer systems.

Siemens has issued a security update for its customers. Microsoft, on the other hand, has yet to offer a patch to fix the problem. As each new variant of the malware surfaces, Microsoft faces increasing pressure to offer a fix. The company has already offered a temporary remedy to the vulnerability and says it is working on a patch.

Currently, the Stuxnet worm makes up around 1 percent of the malware on the Internet. Randy Abrams, Eset's director of technical education, says the figure is likely to increase. In an interview with Computerworld, he says, "It's likely to become one of the most prevalent attack vectors... I expect that within a few months, we'll see hundreds if not thousands of pieces of malware using the link vulnerability."