Workaround from Microsoft to fix the issue related to CVE-2010-2568

Microsoft is working hard to fix the issue related to CVE-2010-2568 and to release the security updates as early as possible to patch vulnerable systems. Meanwhile, Microsoft has released a Microsoft security advisory (2286198) which lists the set of workarounds. Workarounds refers to “a setting” or “configuration change” that does not correct the underlying issue but would help block known attack using the vulnerability.

Microsoft has tested the workarounds and states in the discussion whether a workaround has some side effects.
• Disable the displaying of icons for shortcuts
• Disable the WebClient service
• Block the download of LNK and PIF files from the Internet

Additionally, Microsoft Support has a Knowledge Base Article which includes their one click “Fix it” buttons to implement the workarounds which enable/disables .LNK and .PIF file functionality automatically.

Knowledge base also has a detailed interactive method to implement the workaround yourself.

Prakash Jagdale

Prakash Jagdale

No Comments, Be The First!

Your email address will not be published.