Microsoft releases patch to address Windows shortcut exploit

By on Aug 2, 2010 at 9:45 PM
Software August 2, 2010

Today, Microsoft released an out-of-band patch for the Windows .lnk extension exploit that was announced several weeks ago. The exploit can allow unauthorized users to execute arbitrary code if an “icon of a specially crafted shortcut is displayed.” Microsoft said: “An attacker could disseminate a USB or other removable drive with a malicious shortcut file on it and when the target victim opens the drive in Windows Explorer or any other application that parses the icon of the shortcut, the malicious code would execute on the victim’s computer. An attacker could also embed malware in a malicious Web site, a remote network share, or in a Microsoft Word document.” Lately, the .lnk exploit, which is actually a vulnerability found in the Windows Shell, has been spreading via the Sality.AT virus, according to a Microsoft blog post. Regardless, the patch is out there and the bug is present in virtually all versions of Windows, if you’re a Windows user, we highly suggest you install it now.

Read

Tags:
, , , , ,
10 Comments

Related Articles

  • Garry

    This is why I’m getting a Mac.

    • gay a$$ apple

      mac OS is worse! a lot easier to hack!

    • stone

      so, you are getting a mac because windows is too secure? because windows security issues gets acknowledged and fixed fast? because macos officially is less secure than windows?

      jesus christ the ignorance.

      • http://www.ccel.org Harry

        Bellow all you like, it doesn’t change the fact that there are *still no Mac OS viruses or worms* in the wild.

      • http://blog.glcomputing.com.au Mike Lazarus

        Fex MAC OS viruses in the wild because so few MACs in the wild

    • http://blog.glcomputing.com.au Mike Lazarus

      You’re getting a Mac because Apple don’t patch their flaws quickly/

      Apple has said they have fixed some of the security holes in the iPhone and iPad … but wont be giving the patches to used till 4.1

  • Android sucks

    Windows is fine, at least it’s not Android, the most overhyped POS OS ever.

  • HunterA3

    Though they are old operating systems, it’s a crying shame that Microsoft wont apply this same patch to 2000 and XP sp2, which are also vulnerable to this same exploit.

    • Brad

      Why the heck should they? Do you expect your car dealer to fix flaws in your 6 year old car for free? Quit whining and upgrade to XP SP3. Or actually, do yourself a favor and upgrade to Windows 7. It puts XP to shame.

  • fred

    “Los Links!”

blog comments powered by Disqus