Overview
A vulnerability exists in the Microsoft Windows Shell component that may allow the execution of malicious code.
A vulnerability exists in the Microsoft Windows Shell component that may allow the execution of malicious code. The flaw occurs due to Windows improperly handling file shortcuts. Exploitation can be achieved through multiple vectors, including manipulation of a specially-crafted .LNK or .PIF file & browsing a drive/shared location with a specially-crafted .LNK or .PIF file.
Attack VectorMaliciously Crafted File
User Interactionuser interaction is needed
Vendor StatusResponded and patched
Vulnerable Systems
Windows
2008 R2,
Timeline
Vulnerability information has been publicly disclosed.
2010-07-16Vendor has provided information on the vulnerability.
2010-07-18A proof of concept has been released.
2010-07-19A proof of concept has been released.
2010-07-21A proof of concept has been released.
2010-07-30Vendor has provided information on the vulnerability.
2010-08-02Vendor has provided a patch.
Recommendations
The vendor has released an update to address this issue:
http://www.microsoft.com/technet/security/Bulletin/MS10-046.mspx
Recommendations McAfee Product Mitigation
Additional Resources
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
http://www.microsoft.com/technet/security/Bulletin/MS10-046.mspx
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
http://www.microsoft.com/technet/security/Bulletin/MS10-046.mspx