SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (Microsoft)  >   Windows Shell Vendors:   Microsoft
Microsoft Windows Shell LNK Shortcut Processing Flaw Lets Users Execute Arbitrary Code
SecurityTracker Alert ID:  1024216
SecurityTracker URL:  http://securitytracker.com/id/1024216
CVE Reference:   CVE-2010-2568   (Links to External Site)
Updated:  Aug 2 2010
Original Entry Date:  Jul 16 2010
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, XP SP3, Vista SP2, 2008 SP2, 7, 2008 R2
Description:   A vulnerability was reported in Microsoft Windows Shell. A remote user can cause arbitrary code to be executed on the target user's system in certain cases.

A remote user can create specially crafted LNK (shortcut) file that, when the link icon is viewed by the target user, will automatically execute arbitrary code on the target system.

This can be exploited via USB storage devices to cause automatic code execution when the USB device directory is viewed via Microsoft Explorer or other file managers. This can also be exploited via a web site, remote share, or certain types of documents.

This vulnerability is being actively exploited.

Sergey I. Ulasen and Uleg Kopreev of VirusBlokAda reported this vulnerability. Andreas Marx and Maik Morgenstern of AV-Test reported this vulnerability.

The original advisory is available at:

http://anti-virus.by/en/tempo.shtml

Impact:   A remote user can create a shortcut file with an icon that, when viewed by the target user via a file manager, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=12361875-B453-45E8-852B-90F2727894FD

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=3B44BD67-48E2-497F-9165-42A702E2CC0D

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=32FE91EF-5A8D-4095-90EE-2CA216696B09

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=923DE214-C4FA-41E6-8307-2C5A37F13E8E

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=63AA5F8A-FE47-4892-B905-B54E4F3B6580

Windows Vista Service Pack 1 and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=52748886-6280-4247-8CBD-F64DB229EE66

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=37648E95-05C2-4802-9A0F-660200BAA229

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=3AABD189-7D4C-4C9F-8854-F33127B1C309

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=29C6FC2D-D318-4A63-9AB2-82E84272AAF2

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=CFE227B5-6660-49F8-9D71-A997DD83DE0B

Windows 7 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=22E62B5C-E4C1-47D0-AE4A-8BD2D70D0A0A

Windows 7 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=9499F771-C388-4DE3-A5C7-8CC8B00B4395

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=0D9DD09B-DB40-462B-88B0-4DBB8180E81F

Windows Server 2008 R2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=CE2BB5D4-F661-44E3-AC28-0B81F7B72670

A restart is required.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms10-046.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms10-046.mspx (Links to External Site)
Cause:   Input validation error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Fri, 16 Jul 2010 19:33:03 +0000
Subject:  Microsoft Windows


http://anti-virus.by/en/tempo.shtml


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC