Code execution via shortcuts in Microsoft Windows

Revealed the possibility to code because of shortcuts in Microsoft Windows. In this Monday Microsoft released a description of this vulnerability and patch for it, and patch extraordinary because he went to the official patches Tuesday to be held next week. Microsoft provides patches Tuesdays on the second Tuesday of each month.

Vulnerable products: Microsoft Windows XP, Windows 2003 Server, Windows Vista, Windows 2008 Server, Windows 7.

Implementation code is displaying the shortcut icons. This vulnerability can be used not only locally but also remotely. Including attack can vibduvatysya over the Internet when the user visits a specially created site in Internet Explorer or Windows Explorer.

Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2,286,198) ( details )