Fix it Released for Security Advisory 2286198
-
I implemented the MS fix and verified the REG entries. It does NOT effect your current desktop or taskbar icons. It will however blank any NEW shortcut icons that are added to the desktop or taskbar. Here is a snip from my desktop with existing CCleaner shortcut (it did not change) and new CCleaner shortcut (new one now blank)
In the start menu under all programs, ALL the icons are now blank.
Not a big deal unless you are making lots of changes to the desktop or taskbar.
I will leave it SAFE for now and see when the fix comes out.
Jim
-
-
I applied the fix but opted to re-enable the icons because it was too difficult to navigate my taskbars.
-
I implemented the MS fix and verified the REG entries. It does NOT effect your current desktop or taskbar icons. It will however blank any NEW shortcut icons that are added to the desktop or taskbar. Here is a snip from my desktop with existing CCleaner shortcut (it did not change) and new CCleaner shortcut (new one now blank)
In the start menu under all programs, ALL the icons are now blank.
Not a big deal unless you are making lots of changes to the desktop or taskbar.
I will leave it SAFE for now and see when the fix comes out.
Jim
Can the attack utilize current shortcuts that are still usable on your desktop?
-
I think it just get exploited when a new shortcut icon is created and the fix turns off some of that process. I have to trust MS that this temp fix will stop the exploit.
Reminds me of the story where a guy is walking down the street snapping his fingers. Another guy asks him what he is doing. First guy said it keeps the elephants away. Second guy says, there are no elephants around here. First guy replies, its works pretty good.
I have not been exploited since I did the fix, so it works pretty good.
Jim
-
-
-
I think it just get exploited when a new shortcut icon is created and the fix turns off some of that process. I have to trust MS that this temp fix will stop the exploit.
I can't help but think of how it could be modified to effect older .lnks. Hopefully a full patch is coming soon.
Reminds me of the story where a guy is walking down the street snapping his fingers. Another guy asks him what he is doing. First guy said it keeps the elephants away. Second guy says, there are no elephants around here. First guy replies, its works pretty good.
That's great. Thanks for sharing.
-
The .LNK or icon security problem
-
-