Microsoft warn of Windows Shell Critical Vulnerability

Mike Halsey MVP
Jul 18, 2010
Updated • Jun 11, 2014
Microsoft
|
2

Microsoft have warned of a critical vulnerability in Windows Shell, caused when parsing .lnk shortcuts that can automatically launch a malicious program through use of a specially crafted shortcut.

The vulnerability affects all versions of Windows including XP and Windows 7.   On Windows 7 the exploit can bypass the operating system's security as it does not require administrative privileges to run. The user account control is also not helping in this case as it won't be triggered by the exploit.

In a statement Microsoft said...

Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as well as workarounds and mitigations for this issue.

The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the user clicks the displayed icon of a specially crafted shortcut. This vulnerability is most likely to be exploited through removable drives. For systems that have AutoPlay disabled, customers would need to manually browse to the root folder of the removable disk in order for the vulnerability to be exploited. For Windows 7 systems, AutoPlay functionality for removable disks is automatically disabled.

The exploit requires removable-media, such as a USB flash drive, and with auto-play enabled or with the user browsing manually to removable media.

Affected Software
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems

Here is a video that demonstrates the exploit on a PC running Windows 7.

The best way to protect your system against exploits is to use antivirus software that can detect it properly.

Update: Microsoft has patched the vulnerability in recent versions of Windows. If your version of Windows is patched to the latest version, you should not have to worry about it anymore.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Some Dude said on March 19, 2023 at 11:42 am
    Reply

    Are these articles AI generated?

    Now the duplicates are more obvious.

    1. boris said on March 19, 2023 at 11:48 pm
      Reply

      This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.

  2. Paul(us) said on March 20, 2023 at 1:32 am
    Reply

    Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
    1.) Excel Keyboard Shortcuts by Trevor Monteiro.
    2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro

    Why oh why?

    1. Clairvaux said on September 6, 2023 at 11:30 am
      Reply

      Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?

  3. John G. said on August 18, 2023 at 4:36 pm
    Reply

    Probably they will announce that the taskbar will be placed at top, right or left, at your will.

    Special event by they is a special crap for us.

  4. yanta said on August 18, 2023 at 11:59 pm
    Reply

    If it’s Microsoft, don’t buy it.
    Better brands at better prices elsewhere.

  5. John G. said on August 20, 2023 at 4:22 am
    Reply

    All new articles have zero count comments. :S

  6. Anonymous said on September 5, 2023 at 7:48 am
    Reply

    WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
    It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage

    I have O365 until end of this year, mostly for onedrive and probably will jump into google one

  7. St Albans Digital Printing Inc said on September 5, 2023 at 11:53 am
    Reply

    Photo storage must be kept free because customers chose gadgets just for photos and photos only.

  8. Anonymous said on September 5, 2023 at 12:47 pm
    Reply

    What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?

    1. GG said on September 6, 2023 at 8:24 am
      Reply

      Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.

      I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.

      And now that they discovered what poor management results in do they go back and do the album feature properly?

      Nope, just charge the customer twice.

      Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.

  9. d3x said on September 5, 2023 at 7:33 pm
    Reply

    When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?

  10. Scroogled said on September 5, 2023 at 10:47 pm
    Reply

    Instead of a software company, Microsoft is now a fraud company.

  11. ard said on September 7, 2023 at 4:59 pm
    Reply

    For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
    quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
    unquote

    so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.

  12. Andy Prough said on September 7, 2023 at 6:52 pm
    Reply

    >”Now You: what is your theory?”

    That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.

    Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.

  13. TelV said on September 8, 2023 at 12:04 pm
    Reply

    Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.

  14. Anonymous said on September 18, 2023 at 1:23 pm
    Reply

    The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.