Updated on May 22, 2012

Microsoft Warns of Windows Shortcut Vulnerability

Posted by MOHAMED NIAMATH on 12:40 PM in
Microsoft has warned that malicious code can be executed from Windows shortcuts. Advisory 2286198 says the shortcut vulnerability "is most likely to be exploited through removable drives." Microsoft has suggested some Windows shortcut workarounds, but these cause other problems. A security expert called the Windows vulnerability "a major oversight."
Microsoft has released a security advisory addressing a vulnerability in the way Windows parses shortcuts. In Advisory 2286198, issued Friday and updated Monday, the software giant said "malicious code may be executed when a specially crafted shortcut is displayed," even without any user action to run the executable. The company said it is working on a security update.

In the advisory, Microsoft said the vulnerability "is most likely to be exploited through removable drives." It added that, for systems with AutoPlay disabled, users would have to manually browse to the compromised folder in the removable drive for the vulnerability to be exploited. Windows 7 automatically disables AutoPlay functionality for removable disks.

Microsoft Suggestions

Until a fix is issued, Microsoft suggests that icons for shortcuts be disabled, but, as some observers have noted, this is highly problematic in a visual-based interface. Another suggestion from Microsoft is disabling the WebClient service used for WebDAV, which, for SharePoint users, could also be a problem.

The vulnerability affects all currently supported Windows versions. These include XP Service Pack 3, XP Pro x64 Edition Service Pack 2, Server 2003 Service Pack 2, Server 2003 x64 Edition Service Pack 2, Server 2003 with SP2 for Itanium-based Systems, Vista Service Pack 1 and Service Pack 2, Vista x64 Edition Service Pack 1 and Service Pack 2, Server 2008 for 32-bit Systems and Server 2008 for 32-bit Systems Service Pack 2, Server 2008 for x64-based Systems and Server 2008 for x64-based Systems Service Pack 2, Server 2008 for Itanium-based Systems and Server 2008 for Itanium-based Systems Service Pack 2, Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Server 2008 R2 for x64-based Systems, and Server 2008 R2 for Itanium-based Systems.
