 |
Windows 7: Fix it Released for Security Advisory 2286198
|
20 Jul 2010
|
#1 | |
Windows 7 & Windows Vista Ultimate Upstate NY |
Fix it Released for Security Advisory 2286198
Microsoft updated Microsoft Security Advisory 2286198 to provide an automated "Fix It" solution to implement the workaround provided in the original Security Advisory release.
The Fix it disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, or Windows Server R2.
Complete details about the Fix it solution to both enable the workaround and disable it after a security update has been released are available in Microsoft KB 2286198. Enable Workaround  Fix this problem
Microsoft Fix it 50486 NOTE: Applying the Fix it will require a restart of the machine.
After a security update is released for this vulnerability, you can undo the changes made by the Fix it solution by using Microsoft Fix it 50487: References: | My System Specs |
| OS Windows 7 & Windows Vista Ultimate
|
21 Jul 2010
|
#2 | |
Windows 7 Home Premium 32 bit In a house with a cat trying to kill me |
Thanx for the heads up  | | My System Specs | | System Manufacturer/Model Number Dell Hell oh Well
OS Windows 7 Home Premium 32 bit
CPU Intel Core 2 Duo 2.93GHz
Memory Not much with my ADHD
Graphics Card ATI Radeon HD 4350
Monitor(s) Displays I have one...It's bright. A 19 inch CRT actually.
Keyboard It's 10 years old and amazingly still works
Mouse Same deal with the mouse, 10 yrs old, if it ain't broke...
Case Don't get on my case...man :D
Cooling I have an Air Conditioner & Diet Pepsi
Hard Drives 250 GB Main Drive, 2 - 1 TB Externals, various FD's.
|
21 Jul 2010
|
#3 | |
Windows 7 x64 / Same In Your Basement. |
So after running this fix, you can't use shortcuts? No thanks. | | My System Specs | | System Manufacturer/Model Number Dell Inspiron 1520 (Laptop)/ Home (Desktop)
OS Windows 7 x64 / Same
CPU Intel Core 2 Duo T7250 / Intel Core i7 930
Motherboard Intel 945 / Asus P6X58D-E
Memory 4GB / 6GB
Graphics Card NVIDIA GeForce 8400M GS / ASUS 1GB
Sound Card Whatever Dell gave me :-( / Onboard
Monitor(s) Displays 15.4" LCD / Crappy CRT
Mouse Microsoft Presenter (Bluetooth)
PSU N/A / OCZ Fatal1ty 550W Modular
Case N/A / Antec 900
Cooling Air
Hard Drives Seagate 500GB SATA; 7200 RPM / Seagate 1TB SATA; 7200 RPM
|
21 Jul 2010
|
#4 | |
W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE Indian Territory |
This is like killing the baby because he messed his diaper. How would one start a program...by going to the .exe in it's directory? | | My System Specs | | System Manufacturer/Model Number DIY
OS W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
CPU Phenom II 1090T w/Noctua NH-D14 /**4400+ X2 w/CM Hyper TX 3
Motherboard ASRock 890FX Deluxe 4/**A8N-SLI
Memory 2 x 2GB Patriot PGS34g1600LLKA/**4x1GB Corsair VS
Graphics Card EVGA GTX460 SC/**EVGA 8800GTS
Sound Card Asus Xonar D2X/**Xonar D1
Monitor(s) Displays Acer X233H, Dell E152FPc /**LG M237-WD
Screen Resolution 1920x1080 & 1024x768/**1980x1080
Keyboard Logitech Media USB/**Saitek Eclipse
Mouse Cordless Trackman Wheel/**Ditto
PSU CM RS600 w/ APC BX1000G/**Antec 500 TP w/ APC BX1000
Case HAF922/**Antec 1040IIB
Cooling 3x200mm, 1x140 and 1x120mm/**5x80mm fans
Hard Drives WDC 2TB, 1.5TB, 1TB, 500GB,Seagate 500GB , Maxtor 80GB /**500GB Seagate & WDC 1TB Black
Internet Speed 3.3Mbps
Other Info SB 560 5.1 w/ Sennheiser RS140/**Creative T20 speakers, Dvico FusionHDTV7 Gold RT, Cisco E3000, HP 5510V AIO, Linksys E3000, Belkin F5U237 hub and **F5D8055 adapter
(** = 2nd rig)
|
21 Jul 2010
|
#5 | |
Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit |
No it will just Disable the displaying of icons for shortcuts
Quote: An attacker could present a removable drive to the user with a malicious shortcut file, and an associated malicious binary. When the user opens this drive in Windows Explorer, or any other application that parses the icon of the shortcut, the malicious binary will execute code of the attacker’s choice on the victim system. An attacker could also set up a malicious Web site or a remote network share and place the malicious components on this remote location. When the user browses the Web site using a Web browser such as Internet Explorer or a file manager such as Windows Explorer, Windows will attempt to load the icon of the shortcut file, and the malicious binary will be invoked. In addition, an attacker could embed an exploit in a document that supports embedded shortcuts or a hosted browser control (such as but not limited to Microsoft Office documents). Quote: Impact of workaround. Disabling icons from being displayed for shortcuts prevents the issue from being exploited on affected systems. When this workaround is implemented, the system may display most icons as a "white" default object icon, which does impact usability. We recommend that system administrators test this workaround thoroughly prior to deployment. When the workaround is undone, all icons will reappear. Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution | | My System Specs | | System Manufacturer/Model Number Samsung NP550P5C-S02IN
OS Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
CPU Intel® Core™ i7 Processor 3,610QM (2.30Hz, 6MB L3 Cach
Memory 8 GB
Graphics Card NVIDIA® GeForce® GT 650M 2GB Graphics, Optimus™ techno
Sound Card SoundAlive™ JBL 3 Speakers (With sub-Woofer)
Monitor(s) Displays 39.62cm (15.6) SuperBright 300nit HD+ LED Display
Screen Resolution 1,600 x 900, Anti-Reflective
Hard Drives 1TB S-ATA II Hard Drive (5,400RPM)
|
21 Jul 2010
|
#6 | |
Windows 7 x64 / Same In Your Basement. |
Captain, where have you been? I haven't seen you around lately. Either case, good to see you. | | My System Specs | | System Manufacturer/Model Number Dell Inspiron 1520 (Laptop)/ Home (Desktop)
OS Windows 7 x64 / Same
CPU Intel Core 2 Duo T7250 / Intel Core i7 930
Motherboard Intel 945 / Asus P6X58D-E
Memory 4GB / 6GB
Graphics Card NVIDIA GeForce 8400M GS / ASUS 1GB
Sound Card Whatever Dell gave me :-( / Onboard
Monitor(s) Displays 15.4" LCD / Crappy CRT
Mouse Microsoft Presenter (Bluetooth)
PSU N/A / OCZ Fatal1ty 550W Modular
Case N/A / Antec 900
Cooling Air
Hard Drives Seagate 500GB SATA; 7200 RPM / Seagate 1TB SATA; 7200 RPM
|
21 Jul 2010
|
#7 | |
Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit |
Quote: Originally Posted by Win7User512  Captain, where have you been? I haven't seen you around lately. Either case, good to see you. Been a little busy lately ! Used to hop in when I'm free.  Good to see you as well my friend. | | My System Specs | | System Manufacturer/Model Number Samsung NP550P5C-S02IN
OS Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
CPU Intel® Core™ i7 Processor 3,610QM (2.30Hz, 6MB L3 Cach
Memory 8 GB
Graphics Card NVIDIA® GeForce® GT 650M 2GB Graphics, Optimus™ techno
Sound Card SoundAlive™ JBL 3 Speakers (With sub-Woofer)
Monitor(s) Displays 39.62cm (15.6) SuperBright 300nit HD+ LED Display
Screen Resolution 1,600 x 900, Anti-Reflective
Hard Drives 1TB S-ATA II Hard Drive (5,400RPM)
|
21 Jul 2010
|
#8 | |
W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE Indian Territory |
Quote: When this workaround is implemented, the system may display most icons as a "white" default object icon, which does impact usability. It would have a very big impact on me, because I'm very visually oriented. I would prefer to risk having to reinstall everything, rather than install this. | | My System Specs | | System Manufacturer/Model Number DIY
OS W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
CPU Phenom II 1090T w/Noctua NH-D14 /**4400+ X2 w/CM Hyper TX 3
Motherboard ASRock 890FX Deluxe 4/**A8N-SLI
Memory 2 x 2GB Patriot PGS34g1600LLKA/**4x1GB Corsair VS
Graphics Card EVGA GTX460 SC/**EVGA 8800GTS
Sound Card Asus Xonar D2X/**Xonar D1
Monitor(s) Displays Acer X233H, Dell E152FPc /**LG M237-WD
Screen Resolution 1920x1080 & 1024x768/**1980x1080
Keyboard Logitech Media USB/**Saitek Eclipse
Mouse Cordless Trackman Wheel/**Ditto
PSU CM RS600 w/ APC BX1000G/**Antec 500 TP w/ APC BX1000
Case HAF922/**Antec 1040IIB
Cooling 3x200mm, 1x140 and 1x120mm/**5x80mm fans
Hard Drives WDC 2TB, 1.5TB, 1TB, 500GB,Seagate 500GB , Maxtor 80GB /**500GB Seagate & WDC 1TB Black
Internet Speed 3.3Mbps
Other Info SB 560 5.1 w/ Sennheiser RS140/**Creative T20 speakers, Dvico FusionHDTV7 Gold RT, Cisco E3000, HP 5510V AIO, Linksys E3000, Belkin F5U237 hub and **F5D8055 adapter
(** = 2nd rig)
|
22 Jul 2010
|
#9 | |
Windows 7 Home Premium 32 bit In a house with a cat trying to kill me |
Might be better to patch it. According to this article, MS may have a devil of a time fixing it.
Time will tell...
Windows Shortcut Bug May Be Hard to Patch Windows Shortcut Bug May Be Hard to Patch - PCWorld Quote: Microsoft may have a tough time fixing the Windows shortcut vulnerability, a security researcher said today.
A noted vulnerability expert, however, disagreed, and said Microsoft could deliver a patch within two weeks.
"The way Windows' shortcuts are designed is flawed, and I think they will have a very hard time patching this," said Roel Schouwenberg, an antivirus researcher with Moscow-based Kaspersky Lab.
Schouwenberg based his prediction that a patch may prove elusive on the fact that Microsoft has never faced a security issue with shortcuts, and thus has no security processes in place that it can quickly tweak. Quote: "This may take them awhile to patch," said Schouwenberg. "But the wider-scale use of this is imminent." | | My System Specs | | System Manufacturer/Model Number Dell Hell oh Well
OS Windows 7 Home Premium 32 bit
CPU Intel Core 2 Duo 2.93GHz
Memory Not much with my ADHD
Graphics Card ATI Radeon HD 4350
Monitor(s) Displays I have one...It's bright. A 19 inch CRT actually.
Keyboard It's 10 years old and amazingly still works
Mouse Same deal with the mouse, 10 yrs old, if it ain't broke...
Case Don't get on my case...man :D
Cooling I have an Air Conditioner & Diet Pepsi
Hard Drives 250 GB Main Drive, 2 - 1 TB Externals, various FD's.
|
23 Jul 2010
|
#10 | |
W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE Indian Territory |
| | My System Specs | | System Manufacturer/Model Number DIY
OS W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
CPU Phenom II 1090T w/Noctua NH-D14 /**4400+ X2 w/CM Hyper TX 3
Motherboard ASRock 890FX Deluxe 4/**A8N-SLI
Memory 2 x 2GB Patriot PGS34g1600LLKA/**4x1GB Corsair VS
Graphics Card EVGA GTX460 SC/**EVGA 8800GTS
Sound Card Asus Xonar D2X/**Xonar D1
Monitor(s) Displays Acer X233H, Dell E152FPc /**LG M237-WD
Screen Resolution 1920x1080 & 1024x768/**1980x1080
Keyboard Logitech Media USB/**Saitek Eclipse
Mouse Cordless Trackman Wheel/**Ditto
PSU CM RS600 w/ APC BX1000G/**Antec 500 TP w/ APC BX1000
Case HAF922/**Antec 1040IIB
Cooling 3x200mm, 1x140 and 1x120mm/**5x80mm fans
Hard Drives WDC 2TB, 1.5TB, 1TB, 500GB,Seagate 500GB , Maxtor 80GB /**500GB Seagate & WDC 1TB Black
Internet Speed 3.3Mbps
Other Info SB 560 5.1 w/ Sennheiser RS140/**Creative T20 speakers, Dvico FusionHDTV7 Gold RT, Cisco E3000, HP 5510V AIO, Linksys E3000, Belkin F5U237 hub and **F5D8055 adapter
(** = 2nd rig)
Fix it Released for Security Advisory 2286198 problems? All times are GMT -5. The time now is 01:34 AM. |  |
