Security Advisory 2286198 Updated

We’ve just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated “Fix It” available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198, but in summary running the “Fix It” can help prevent attacks attempting to exploit this vulnerability. This workaround will disable some icons from being displayed so we recommend administrators test this before deploying it widely.

We’ve also updated the advisory with new information regarding possible attack vectors. Finally, we have included a new workaround that customers can implement to help protect their environments: blocking the download of LNK and PIF files (note that these files can be transferred over WebDav, so be sure to account for this protocol if you implement this workaround).

As always, we encourage customers to review this new information and to evaluate it for their environment while our teams continue their work to develop a security update that addresses this vulnerability.

As always, we’ll update the security advisory and this blog with new information as it becomes available.


Christopher Budd

Sr. Security Manager, Response Communications at Microsoft

Follow us on Twitter: @MSFTSecResponse