Barney's Blog

Blog archive

Hacker Shortcut Blocked

A new exploit, the so-called shortcut flaw, is closed as of today -- so long as you download the patch.

Here what this flaw is all about: Hackers use the Windows Shell to distribute nasty code that exploits Windows desktop shortcuts. The biggest problem? One need not to click the shortcut for the malicious code to activate.

Microsoft only releases out-of-band, or non-Patch Tuesday patches in the direst of circumstances, so I'm guessing this is a pretty big deal, especially as Microsoft deems the flaw as ‘critical.' Microsoft noted that it also affects XP SP2, but these users won't be getting a patch; Microsoft ended patch support for XP SP2 on July 13.

Posted by Doug Barney on 08/02/2010 at 1:18 PM


Featured

  • Azure Active Directory Connect Preview Adds Support for Disconnected AD Forests

    Microsoft on Thursday announced a preview of a new "Cloud Provisioning" feature for the Azure Active Directory Connect service that promises to bring together scattered Active Directory "forests."

  • Microsoft Defender ATP Gets macOS Investigation Support

    The endpoint and detection response (EDR) feature in Microsoft Defender Advanced Threat Protection (ATP) has reached the "general availability" stage for macOS devices.

  • How To Block Self-Service Purchasing in Microsoft's Power Platform

    Microsoft threw Office 365 admins a bone when it gave them the ability to block users from purchasing Power Platform tools without IT approval. Here's how to prevent total anarchy.

  • Azure DevOps Services Losing Support for Alternate Credentials

    Microsoft gave notice last week that it's going to drop Alternate Credentials support for authenticating users of its Azure DevOps Services.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.