imageLooks like the Microsoft Security Response Team announced an update to 2286198:

We've just updated Microsoft Security Advisory 2286198 to let customers know that we now have an automated "Fix It" available to implement the workaround we first outlined in our original posting on Friday, July 16, 2010. More information is available in the KB article 2286198, but in summary running the "Fix It" can help prevent attacks attempting to exploit this vulnerability. This workaround will disable some icons from being displayed so we recommend administrators test this before deploying it widely.

We've also updated the advisory with new information regarding possible attack vectors. Finally, we have included a new workaround that customers can implement to help protect their environments: blocking the download of LNK and PIF files (note that these files can be transferred over WebDav, so be sure to account for this protocol if you implement this workaround).

For all the details and the latest information see Security Advisory 2286198 Updated

J.C. Hornbeck | System Center Knowledge Engineer

clip_image001 clip_image002

Bookmark and Share