KiZAN News

Vulnerability in Windows Shell Could Allow Remote Code Execution

August 03, 2010

Executive Summary

This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported editions of Microsoft Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.

This security update addresses the vulnerability first described in Microsoft Security Advisory 2286198.

Public Bulletin Webcast

Microsoft will host a webcast to address customer questions on this bulletin:

Title: Information About Microsoft's August 2010 (Out-of-Band) Security Bulletin Release

Date: Monday, August 02, 2010, at 1:00 P.M. Pacific Time (U.S. & Canada).

URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032456779

Public Resources related to this alert

Security Bulletin MS10-046 – Vulnerability in Windows Shell Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx/

Security Advisory 2286198 – Vulnerability in Windows Shell Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/advisory/2286198.mspx

Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc/

Microsoft Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd/

Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/

Microsoft Security Development Lifecycle (SDL) Blog: http://blogs.msdn.com/sdl/

New Security Bulletin Technical Details

In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle website at http://support.microsoft.com/lifecycle/.

Bulletin Identifier		Microsoft Security Bulletin MS10-046
Bulletin Title		Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
Executive Summary		This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. The security update addresses the vulnerability by correcting validation of shortcut icon references. This security update also addresses the vulnerability first described in Microsoft Security Advisory 2286198.
Affected Software		This security update is rated Critical for all supported editions of Microsoft Windows.
CVE, Exploitability Index Rating		CVE-2010-2568: Shortcut Icon Loading Vulnerability (EI = 1)
Attack Vectors		A maliciously crafted shortcut file. Common delivery mechanisms: a maliciously crafted Web page, an e-mail attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
Mitigating Factors		Users would have to be persuaded to visit a malicious web site. Exploitation only gains the same user rights as the logged-on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Blocking outbound SMB connections on the perimeter firewall reduces the risk of remote exploitation using file shares.
Restart Requirement	The update will require a restart.

Bulletins Replaced by This Update

None

Publicly Disclosed?
Exploited?

Yes – this vulnerability was publicly disclosed prior to release. More information is contained in Microsoft Security Advisory 2286198.

Yes – this vulnerability has been exploited in the wild at release.

Full Details

http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx

Our News

Once again KiZAN proves to be flexible!

October 05, 2011

KiZAN Technologies was awarded the Alfred P. Sloan Award for Business Excellence in Workplace Flexibility. Read More

The Circuit’s Scholarship Golf Outing Overcomes The Elements

August 02, 2011

Robert Steele, co-chair and managing partner of KiZAN, added, “We fully support this event and realize how important the scholarships are for the students. It’s very rewarding to be a part of the outing’s success and a way to give back to the community.” Read More

AIKCU Announces KiZAN as Business Partner

April 14, 2011

Joe Kipp has some news on Win7 & Server 2008 R2... read more here!

February 11, 2011

Windows Server 2008 R2 and Windows 7 SP1 were released to manufacturing on the 9th, they will be available for download on the 16th to MSDN and TechNet users, with general availability on the 22nd of February. Let the downloading begin! Read More

KiZAN is hiring top-notch IT professionals for all locations

February 02, 2011

KiZAN is hiring Marketing Associates

December 14, 2010

KiZAN is Hiring Marketing Associates Read More

KiZAN can get you "Lync'd" up!

November 11, 2010

KiZAN is proud to help sponsor The Alltech FEI World Equestrian Games!

August 26, 2010

View All News