Microsoft Updates Latest Security Advisory, Adds Fix-It Solution - gHacks Tech News

Microsoft Updates Latest Security Advisory, Adds Fix-It Solution

A new Windows security vulnerability was disclosed a few days ago. The Windows Shell Vulnerability allows attackers to execute code with specifically prepared .lnk or .pif files.

The security issue can be exploited automatically by connecting a removable storage device to a Windows computer. It is also possible to exploit the issue through WebDav or the Internet.

All recent Microsoft operating systems are affected by the vulnerability. Microsoft today, has updated the Security Advisory.

The update now links to a Fix-It solution, which basically is a one-click solution to correct the issue.

The program will disable .lnk and .pif file functionality, which will change the graphical representation of icons in the Windows Taskbar and Start Menu. The images below show the changes.

start menu
start menu
blank icon
blank icon

The blank icons can be highly confusing, especially for users who did not apply the fix manually but run the Fix-It which does it automatically instead. It is advised to test it thoroughly before implementing it in a computer network.

Microsoft provides a Fix-It to enable or disable the workaround to protect the computer system from the attack.

Microsoft has also updated the manual workaround.

1. Click Start, click Run, type Regedit in the Open box, and then click OK.
2. Locate and then click the following registry key:

HKEY_CLASSES_ROOT\lnkfile\shellex\IconHandler
3. Click the File menu and select Export.
4. In the Export Registry File dialog box, enter LNK_Icon_Backup.reg and click Save.
Note This will create a backup of this registry key in the My Documents folder by default
5. Select the value (Default) on the right hand window in the Registy Editor. Press Enter to edit the value of the key. Remove the value, so that the value is blank, and press Enter.
6. Locate and then click the following registry key:
HKEY_CLASSES_ROOT\piffile\shellex\IconHandler
7. Click the File menu and select Export.
8. In the Export Registry File dialog box, enter PIF_Icon_Backup.reg and click Save.
Note This will create a backup of this registry key in the My Documents folder by default.
9. Select the value (Default) on the right hand window in the Registy Editor. Press Enter to edit the value of the key. Remove the value, so that the value is blank, and press Enter.
10. Log all users off and on again, or restart the computer.

The manual workaround has the same effect as the Fix-It solution.

Microsoft furthermore recommends to block the download of lnk and pif files, but does not go into detail on how to do that.

Visit the updated security advisory for additional information.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Ivan said on July 24, 2010 at 1:19 am
    Reply

    It also kills icons in start menu folders and the quick start.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.