|
Microsoft Plugs Windows Shortcut Hole with Emergency Patch
|
Posted by Donster on: 2010-08-02 15:22:12 251
|
By Elinor Mills @ CNET News
As planned, Microsoft released a fix on Monday for a critical Windows vulnerability that was being exploited by a fast-spreading virus and other malware.
The software patch fixes the way Windows Shell handles shortcut files, which are links to a file represented by an icon and implemented with the .lnk extension. Attackers exploiting the hole could take complete control of the computer, the security advisory said.
An attacker could disseminate a USB or other removable drive with a malicious shortcut file on it and when the target victim opens the drive in Windows Explorer or any other application that parses the icon of the shortcut, the malicious code would execute on the victim's computer. An attacker could also embed malware in a malicious Web site, a remote network share or in a Microsoft Word document, Microsoft said.
Read more...
|
|
News Source: Email
|
|
