Title: Microsoft Windows Shell LNK File Parsing Arbitrary Command Execution
Jul 16, 2010
Jul 18, 2010
Sep 02, 2010
Windows contains a flaw that may allow an attacker to execute arbitrary code. The issue is triggered by a specially crafted .LNK or .PIF shortcut file which contains an icon resource that points to a malicious DLL file.
Local / Remote,
Loss of Integrity
Discovered in the Wild
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.