Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Issues Rush Patch for .LNK Shortcut Bug

suraj.sun (1348507) writes | more than 3 years ago

Bug 0

suraj.sun (1348507) writes "Microsoft has issued an "out of band" update to all versions of Windows to fix a critical vulnerability that has been exploited in the wild for over 2 weeks.

MS 10:046: Vulnerability in Windows Shell Could Allow Remote Code Execution-- addresses the vulnerability exploited by Stuxnet and other families of malware, described first by Belorussian security firm VirusBlokAda.

For most users, the update will be automatic via Windows Update, according to Microsoft.

The vulnerability is in the Windows Shell. It can allow remote code execution if the icon of a specially crafted shortcut is displayed.

PC Magazine: http://www.pcmag.com/article2/0,2817,2367282,00.asp

Microsoft: http://www.microsoft.com/technet/security/Bulletin/MS10-046.mspx"

Link to Original Source

cancel ×

0 comments

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...