Sunday, July 18, 2010

Microsoft Security Advisory (2286198)

General Information
Executive Summary

Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the user clicks the displayed icon of a specially crafted shortcut. This vulnerability is most likely to be exploited through removable drives. For systems that have AutoPlay disabled, customers would need to manually browse to the root folder of the removable disk in order for the vulnerability to be exploited. For Windows 7 systems, AutoPlay functionality for removable disks is automatically disabled.

http://www.microsoft.com/technet/security/advisory/2286198.mspx

No comments:

Hack the Box Blue

https://arcy24.medium.com/hack-the-box-blue-f5ae5b602a5c