NEWS FROM THE LAB - Saturday, July 17, 2010

Zero-Day Vulnerability in Windows Shell Posted by Sean @ 10:04 GMT

Microsoft has released Security Advisory 2286198, which provides details on the LNK shortcut (Windows Shell) vulnerability that's currently being exploited by the Stuxnet rootkit.

The news is not good.

Besides USB devices, the Windows Shell vulnerability can also be exploited via Windows file shares and WebDav.

All versions of Windows are affected:

Microsoft Advisory 2286198

Vulnerable versions include Windows XP Service Pack 2 which is not listed by the advisory due to its recent end-of-support status.

If there's to be no patch for SP2, users will need to implement the suggested workarounds:

  •  Disable the displaying of icons for shortcuts
  •  Disable the WebClient service

See Microsoft's Security Advisory for details.