Microsoft has released an automated Fix It package that will help prevent attacks attempting to exploit a Windows Shell vulnerability. This workaround may however disable some icons from being displayed so it is recommended that administrators test this before deploying it widely.
This vulnerability (Microsoft Security Advisory – 2286198) in Windows Shell Could Allow Remote Code Execution.
The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts.
To implement the workaround that disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, or Windows Server R2 download and apply Fix it 50586 mentioned in KB2286198.
Applying the fixit will remove the graphical representation of icons on the Task bar and Start menu bar and replace them with white icons without the graphical representation of the icon.
- Tags: Fix It