CPLINK Security Threat

by Marc Liron - Microsoft MVP (Windows Desktop)

What is this new Windows security threat?

CPLINK (and Win32/CplLnk.A) are names for a Microsoft Windows shortcut icon vulnerability discovered in June 2010 and patched by Microsoft on 2 August 2010 - that affected ALL Windows operating systems.

The vulnerability is exploitable when any Windows application that display shortcut icons, such as Windows Explorer, browses to a folder containing a malicious shortcut.

The exploit can be triggered without any user interaction, regardless where the shortcut file is located!!!

 This is a new zero-day (brand new) vulnerability that is currently being adopted by authors of malware software to infect YOUR computer.

 Of major concern to me is that some current malware, infecting users computers, bypasses all Windows security mechanisms, including UAC (Vista and 7), and doesn't require administrative privilege to run.

              This is a CRITICAL flaw in how Windows handles icons...

In the following video Sophos security expert "Chet" explains the Windows Shortcut Exploit and does a live demo to show how it works. He also shows more about the Sophos "Windows Shortcut Exploit Protection Tool" HOWEVER, this is no longer needed as Microsoft have since issued critical security patches for Windows - please see the links below the video!

.

# Windows/Microsoft Update

The majority of Windows users have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically.

# Manually Download & Install

You can manually visit the Microsoft Update site for the required patch.

OR you can use one of individual download links available at the:

Microsoft Security Bulletin MS10-046 - Information Page

# Please Note:

1) Windows 7 Service Pack 1 Beta and Windows Server 2008 R2 Service Pack 1 Beta are affected by the vulnerability described in this bulletin. Customers running these beta releases are encouraged to download and apply the update to their systems.

2) As the following are no longer supported by Microsoft: Windows XP, Windows XP SP1, Windows XP SP2 - NO security patches are available for computers running these versions of Windows XP. If this is the case to you then use the free Sophos Tool HERE.

Make sure you are up to speed on Security issues with my PC Security Guides today