Apply the critical Security Bulletin MS10-046 for the Windows Shell vulnerability


Microsoft today released an Out of Band Security Update to address a .LNK vulnerability in Windows. MS10-046 addresses that vulnerability in Windows which has a maximum severity rating of Critical and an Exploitability Index rating of 1. The security vulnerability affects all supported editions of Windows XP, Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. It is recommended that customers deploy the updates as soon as possible to help protect their computers from criminal attacks. In order to continue to benefit from security releases, customers who are currently on unsupported version of Windows upgrade to the latest version of Windows.

 

More to come,

Mitch

 

Subscribe to the TechNet Flash newsletter

Comments (2)

  1. Chaplot says:

    Good point. Take a look at this post that talks about more ways to resolve MS10-046 on machines running XP SP2

    forum.maas360.com/…/ms10046-timing-is-everything-for-xpsp2

  2. RichieB says:

    This patch (listed as for XP Embedded only) actually works on any XP SP2 system:

    http://www.microsoft.com/…/details.aspx

    Thanks to
    blog.securityactive.co.uk/…/patching-windows-xp-sp2-for-the-shortcut-lnk-vulnerability-ms10-046
    for reporting this.