Fix for .LNK Flaw Promised for Monday

July 30, 2010

A couple of weeks ago, I posted a note about a newly reported Windows vulnerability, related to Windows “shortcut” files, which have a .LNK extension.  (The vulnerability is documented in Microsoft Security Advisory 2286198.)  A few days later, there were reports of an exploit being published, and apparently some well-known malware sources have begun to include exploits for this flaw in their offerings.

Microsoft has now announced, in a TechNet blog post,  that it will release an out-of-schedule patch to fix this vulnerability on Monday, August 2, at around 10:00 AM PDT.  According to the announcement, Microsoft has been seeing an increasing number of attacks directed against this vulnerability.

I will post another note when the fix is actually available, or if I get any more information.


%d bloggers like this: