Microsoft have updated their security advisory 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198 to describe further attack vectors for this vulnerability. The vulnerability can be exploited using .LNK files on removable drives, via WebDav and network shares, using .PIF files as well as .LNK, and documents that can have embedded shortcuts within them. The original discussion on this vulnerability is here isc.sans.edu/diary.html?storyid=9181 Cheers, |
Adrien de Beaupre 353 Posts ISC Handler Jul 21st 2010 |
Thread locked Subscribe |
Jul 21st 2010 1 decade ago |
Microsoft issues stopgap fix for critical Windows flaw
http://support.microsoft.com/kb/2286198 http://www.theregister.co.uk/2010/07/21/microsoft_fix_it/ |
Karl 14 Posts |
Quote |
Jul 21st 2010 1 decade ago |
But is it sufficient?
Cheers, Adrien |
Adrien de Beaupre 353 Posts ISC Handler |
Quote |
Jul 21st 2010 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!