Post reply

News:

--> Devnullius's Choices: A list of default programs to keep your PC running well!

Samker's Computer Forum - SCforum.info »
World TOP Headlines: »
Latest Security News & Alerts »
Post reply ( Re: Patch out now for Microsoft Security Advisory (2286198) )

Post reply

Name:
Email:
Subject:
Message icon:

[quote author=mercenary link=topic=4409.msg11877#msg11877 date=1280771431]
General Information
Executive Summary
Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.

Microsoft is currently working to develop a security update for Windows to address this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

The patch is out now...  That was quick!  thanks MS...

[url=http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx]http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx[/url]
[/quote]

Attachments and other options

Return to this topic.
Don't use smileys.

Verification:

Type the letters shown in the picture

Listen to the letters / Request another image

Type the letters shown in the picture:

Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview

Topic Summary

Posted by: Samker

« on: 02. August 2010., 21:05:26 »

Insert Quote

Thanks for info's Mercenary.

Quote

News is related with:

"Microsoft warns of new 0-day exploit, involving the Windows Shell (.lnk)": http://scforum.info/index.php/topic,4366.0.html

and

"Microsoft offer temporary "Fixit" for critical Windows Shell vulnerability": http://scforum.info/index.php/topic,4376.0.html

Posted by: mercenary

« on: 02. August 2010., 18:50:31 »

Insert Quote

General Information
Executive Summary
Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.

Microsoft is currently working to develop a security update for Windows to address this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

The patch is out now... That was quick! thanks MS...

http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx

Terms of Use | Privacy Policy | Advertising

SMF | SMF © 2019, Simple Machines
TinyPortal © 2005-2012
XHTML
RSS
WAP2