Microsoft has made a breakthrough in their advisory for the recently-disclosed shortcut-handling vulnerability that affects all the versions that Windows has.
Make Way for the New Fix-it
A “Fix-it” will now be able to provide to implement the workaround for the vulnerability before the patch was made available to the public. The Fix-it implements a hack that is designed to disable .LNK and .PIF functionality of the program. A corresponding Fix-it will also be provided so you can undo the workaround.
In case there was a cause for argument, an earlier update to the advisory made it clear that Microsoft is working on a patch as of now. The advisory notes that the .PIF files are much older and dates back to MS-DOS. These can also be used to exploit the vulnerability. Users who have previously made use of a workaround that blocked all of the .LNK files should take note of this fact and account for .PIFs.
F-Secure explains how the attack can also be committed using shortcuts embedded in a document which includes but is not limited to Microsoft Office documents. Microsoft has informed all the AV companies that your best defense against this form of attach is an updated antivirus program that is designed to specifically scan documents such as these. In any case, they are the ones in the best position to protect against it.
Microsoft has just released a Microsoft Security advisory (2286198) concerning this issue for the IT professionals who want to know. The security advisory contains the additional security related information. In order to view this security advisory, you must visit the Microsoft Web site, http://www.microsoft.com/technet/security/advisory/2286198.mspx.
For Microsoft to fix the problem, you should go to the “Fix it for me” section. If you want to fix the problem yourself, you can go to the “Let me fix it myself” section.
Choosing Fix it For Me
To apply the workaround that disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 or Windows Server r2, you have the option of clicking the Fix this problem link under Enable workaround. To undo the workaround, you can click the Fix this problem link under Disable workaround. In either of these scenarios, click Run in the File Download dialog box and follow the steps in the Fix it wizard.
If you apply the Fix it will require the machine to restart. The installation of the Fix it will most likely prompt the user before you restart the system. Enterprise deployments allow for the program’s unattended installation with the following display options:
/quiet Quiet mode, no user interaction
/passive Unattended mode – progress bar only
/q[n|b|r|f] Sets user interface level n – No UI
b – Basic UI
r – Reduced UI
f – Full UI (default)
Restart Options:
/norestart Do not restart after the installation is complete
/promptrestart Prompts the user for restart if necessary
/forcerestart Always restart the computer after installation
As you apply the fix-it, it will remove the graphical representation of icons on the Task bar and Start menu bar. This will allow the replacement of these representations with white icons.
