Vulnerability in Windows Shell Could Allow Remote Code Execution
August 03, 2010
This security update is rated Critical for all supported editions of Microsoft Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.
Executive Summary
This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for all supported editions of Microsoft Windows. The security update addresses the vulnerability by correcting validation of shortcut icon references.
This security update addresses the vulnerability first described in Microsoft Security Advisory 2286198.
Public Bulletin Webcast
Microsoft will host a webcast to address customer questions on this bulletin:
Title: Information About Microsoft's August 2010 (Out-of-Band) Security Bulletin Release
Date: Monday, August 02, 2010, at 1:00 P.M. Pacific Time (U.S. & Canada).
URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032456779
Public Resources related to this alert
New Security Bulletin Technical Details
In the following tables of affected and non-affected software, software editions that are not listed are past their support lifecycle. To determine the support lifecycle for your product and edition, visit the Microsoft Support Lifecycle website at http://support.microsoft.com/lifecycle/.
| Bulletin Identifier | Microsoft Security Bulletin MS10-046 |
| Bulletin Title | Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) |
| Executive Summary | This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. The security update addresses the vulnerability by correcting validation of shortcut icon references. This security update also addresses the vulnerability first described in Microsoft Security Advisory 2286198. |
| Affected Software | This security update is rated Critical for all supported editions of Microsoft Windows. |
| CVE, Exploitability Index Rating | - CVE-2010-2568: Shortcut Icon Loading Vulnerability (EI = 1)
|
| Attack Vectors | - A maliciously crafted shortcut file.
- Common delivery mechanisms: a maliciously crafted Web page, an e-mail attachment, an instant message, a peer-to-peer file share, a network share, and/or a USB thumb drive.
|
| Mitigating Factors | - Users would have to be persuaded to visit a malicious web site.
- Exploitation only gains the same user rights as the logged-on account. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Blocking outbound SMB connections on the perimeter firewall reduces the risk of remote exploitation using file shares.
|
| Restart Requirement | The update will require a restart. |
| | |