Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Security Advisory (2286198)

16 Jul 2010   #1
Corrine

Windows 7 & Windows Vista Ultimate
 
 
Microsoft Security Advisory (2286198)

Microsoft has released Security Advisory 2286198, which addresses a publicly reported vulnerability in Windows Shell. From the Security Advisory:

Quote:
"The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the user clicks the displayed icon of a specially crafted shortcut. This vulnerability is most likely to be exploited through removable drives."
If AutoPlay is disabled, particularly for USB devices, in order for the vulnerability to be exploited, it would be necessary to manually browse to the root folder of the removable disk. AutoPlay for removable disks is automatically disabled on Windows 7. In the event you have enabled AutoPlay, it is strongly advised that it be disabled.

To disable AutoPlay the prerequisites in Microsoft KB Article 967715 must first be installed. If your computer is up-to-date, they are already installed. The KB Article also includes instructions on "How to disable the Autorun functionality in Windows".

Note that it is additionally reported on the MSRC Blog that, "In the wild, this vulnerability has been found operating in conjunction with the Stuxnet malware". For more information on Stuxnet, see the MMPC blog post. Of further interest, as the MSRC Blog reports

Quote:
"signatures in up-to-date versions of Microsoft Security Essentials, Microsoft Forefront Client Security, Windows Live OneCare, the Forefront Threat Management Gateway, and the Windows Live Safety Platform protect customers against the Stuxnet malware."
References:



My System SpecsSystem Spec
17 Jul 2010   #2
justalogin

Win 7
 
 

This applies to

Microsoft Windows 2000
Windows XP Service Pack 2
Windows XP Service Pack 3
Windows Server 2003 Service Pack 1
Windows Server 2003 Service Pack 2

Not Win 7
My System SpecsSystem Spec
17 Jul 2010   #3
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Hi, justalogin.

AutoPlay for removable disks is automatically disabled on Windows 7. In the event you have enabled AutoPlay, it is strongly advised that it be disabled. See this tutorial and follow the instructions to disable AutoPlay if you enabled it: AutoPlay - Enable or Disable AutoRun
My System SpecsSystem Spec
Reply

 Microsoft Security Advisory (2286198)




Thread Tools





Similar help and support threads
Thread Forum
Microsoft Security Advisory (2934088) IE9,10
Vulnerability in Internet Explorer Could Allow Remote Code Execution Microsoft Security Advisory (2934088): Vulnerability in Internet Explorer Could Allow Remote Code Execution A Guy
Security News
Microsoft Security Advisory (2490606)
Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Microsoft releases Security Advisory 2490606 - MSRC - Site Home - TechNet Blogs
Windows Updates & Activation
Fix it Released for Security Advisory 2286198
Microsoft updated Microsoft Security Advisory 2286198 to provide an automated "Fix It" solution to implement the workaround provided in the original Security Advisory release. The Fix it disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, ...
News
Microsoft Security Advisory (980088)
Microsoft Security Advisory (980088) Vulnerability in Internet Explorer Could Allow Information Disclosure Published: February 03, 2010 Version: 1.0 Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet...
System Security
Microsoft Security Advisory (979352)
Microsoft Security Advisory (979352) Vulnerability in Internet Explorer Could Allow Remote Code Execution Published: January 14, 2010 General Information Executive Summary Microsoft is investigating a report of a publicly exploited vulnerability in Internet Explorer. This advisory contains...
System Security
Microsoft Security Advisory 973882, Microsoft Security
More...
News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Š Designer Media Ltd

All times are GMT -5. The time now is 10:25.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App