domingo, 1 de agosto de 2010


Description -

A vulnerability exists in the Microsoft Windows Shell component that may allow the execution of malicious code. The flaw occurs due to Windows improperly handling file shortcuts. Exploitation can be achieved through multiple vectors, including manipulation of a specially-crafted .LNK or .PIF file & browsing a drive/shared location with a specially-crafted .LNK or .PIF file.

Recommendations -

The vendor has released an advisory on this issue: The vendor has posted the following workaround: Microsoft will release an out-of-band patch to address this issue on 8/2/2010

Microsoft             NAI