Microsoft advises of fixes to avoid the .lnk/.pif file vulnerability

July 23rd, 2010 1 Comment

Microsoft has posted both a software and a manual fix/workaround that will help mitigate the .lnk and .pif file vulnerability on their Support page. This vulnerability can allow a someone remote access to your Windows machine from Windows XP all the way up through Windows 7.  Use either of the workarounds until Microsoft issues an official patch.  If you are not comfortable with editing the Windows Registry manually, I suggest using the software utility provided on the Support page.

For those that haven’t heard about it, Windows incorrectly handles (parses) shortcuts in a way that malicious code may be executed when the icon of a specially crafted (read: Malicious) shortcut is displayed.

Microsoft TechNet Advisory:
http://www.microsoft.com/technet/security/advisory/2286198.mspx

Microsoft Support Page for KB2286198:
http://support.microsoft.com/kb/2286198#LetMeFixItMyself

Joe

Posted in Computer Security, News, Updates | Tags: , , , , , ,
«
»
You can leave a response, or trackback from your own site.

One Response to “Microsoft advises of fixes to avoid the .lnk/.pif file vulnerability”

  1. Tweets that mention Microsoft advises of fixes to avoid the .lnk/.pif file vulnerability | Cyber Crime 101 -- Topsy.com says:
    July 23, 2010 at 10:44 pm

    [...] This post was mentioned on Twitter by Big Kahuna, CyberCrime101. CyberCrime101 said: New blog post Re: Windows .lnk file vulnerability workarounds: http://is.gd/dDmPJ [...]

Leave a Reply

Subscribe to RSS Feed Follow me on Twitter!