CERT mailing list archives
Current Activity - Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability
From: Current Activity <us-cert () us-cert gov>
Date: Mon, 2 Aug 2010 14:10:10 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability Original release date: August 2, 2010 at 1:55 pm Last revised: August 2, 2010 at 1:55 pm Microsoft has released security bulletin MS10-046 to address a critical vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for shortcut files. By convincing a user to display a specially crafted shortcut file, a remote attacker may be able to execute arbitrary code. US-CERT strongly encourages users and administrators to review Microsoft security bulletin MS10-046 and apply any necessary updates to mitigate the risks. Additional information regarding this vulnerability can be found in the following: * Microsoft Security Bulletin MS10-046 * Microsoft Security Advisory 2286198 * US-CERT Current Activity Entry "Microsoft Windows .LNK Vulnerability" * US-CERT Vulnerability Note VU#940193 Relevant Url(s): <http://www.microsoft.com/technet/security/advisory/2286198.mspx> <http://www.kb.cert.org/vuls/id/940193> <http://www.us-cert.gov/current/#microsoft_windows_lnk_vulnerability> <http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx> ==== This entry is available at http://www.us-cert.gov/current/index.html#microsoft_releases_out_of_band1 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTFcJ8z6pPKYJORa3AQLvkAf/bn2MzXzW/N9+Vicd3ry0G/i7PSVa72Hf 45B32lAUSWVAdgrudNG837MkmOTIIHQR/uv6jdCaHxSKEmTWgMrdumUOFnosEnAA m5T8wORraI9myi28ZeGFq5y7g8lBWzeUlOXpp35yhpyMUHSRMgQP7e/1kPhpP+bk zGI60lawBJB7NETCSvJRT4t19iKdKPYw0AwKWCr0Iebfxiv6SYOEqXz6XNiE9NN1 EZoCh3296KZJpoqZuIott/3hDNQVPQlOK+DbIFNYMqdFvZGNaEqheBH89Tpxc4pR cj/t7NDgwY40pLUYACKvjJ1FUDOo2kIMCQCYIhFegTLallUeq6sq2A== =ylcM -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability Current Activity (Aug 02)