http://www.f-secure.com/weblog/archives/00001994.html
Microsoft has updated Security Advisory 2286198 (version 1.2).
It's quite evident that the folks at Microsoft are working very diligently on this issue. Our concerns have been addressed and the advisory no longer lists Windows 7 AutoPlay as a mitigation. We thank them for this clarification.
And now the bad news.
Version 1.2 of the advisory has an important new detail:
"An exploit can also be included in specific document types that support embedded shortcuts."
This really expands the potential reach of the LNK vulnerability. Depending on the ease to which documents can be utilized, we will now almost certainly see targeted attack attachments via e-mail messages.
[...]
Let's review the workarounds listed in the advisory.
• Disable the displaying of icons for shortcuts
• Disable the WebClient service
• Block the download of LNK and PIF files from the Internet
Microsoft Support has a Knowledge Base Article which includes their one click "Fix it" buttons for disabling shortcut functionality.
Everyone should review this new information and evaluate it for their environment while Microsoft continues their work to develop a security update.
No comments:
Post a Comment