1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Microsoft Windows Shell Vulnerability (Advisory 2286198)

Report ID: SA201006485
Source: F-Secure
Date of Discovery: 03.08.2010
Criticality: Critical
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2

Compromise From: From remote
Compromise Type: Remote code execution


A vulnerability in Windows Shell could allow an attacker to execute arbitrary code and gain system access via a malicious shortcut file.

Detailed Description

Microsoft has released a security update to resolve a vulnerability issue in WIndows Shell, which is caused by incorrect validation of specific parameters when attempting to load a shortcut's icon.

User could be affected by the vulnerability by:

  • opening a removable drive containing the malicious shortcut file and the associated malicious binary 
  • browsing a malicious website, and loading the icon of the shortcut file
  • opening a specially crafted document that supports embedded shortcuts or a hosted browser control

A successful exploit of the vulnerability could allow a remote attacker to run arbitrary code and take control of the affected system.


Original Reference

CVE Reference