Microsoft's New Patch for Windows Shortcut Exploit

Microsoft has released a new out-of-band security update patch for the Window Shortcut vulnerability. An out-of-band patch is the one that addresses the critically vulnerable exploit. This exploit is related to the Windows Shortcut files (.lnk) that can be manipulated to gain user rights of the affected system.




Windows Shortcuts are the .lnk or link files that allow launching respective program installed in the system. Several Malware families might be looking to attack the vulnerable Windows Shortcuts. Holly Stewart, senior program manager for Microsoft Malware Protection Center, noted on the official blog, Stuxnet, Sality and few other families of viruses and Trojans were looking to exploit the vulnerability of Windows Shortcuts.



Here, a malicious shortcut file is placed on your drive and it spreads across your Windows System to gain some user rights and thereby control system over the Internet. This out-of-band security patch applies to Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 operating systems.



Here's a graph of frequently detected infection attempts since July 29.

If you've set auto-update of your Windows OS off, then download the security update from Microsoft Download Center.