How To Temporarily Fix Windows Shortcut Zero-Day Attacks

According to Microsoft, "The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit can also be included in specific document types that support embedded shortcuts."


Also from Microsoft, "An attacker could also set up a malicious Web site or a remote network share and place the malicious components on this remote location. When the user browses the Web site using a Web browser such as Internet Explorer or a file manager such as Windows Explorer, Windows will attempt to load the icon of the shortcut file, and the malicious binary will be invoked. In addition, an attacker could embed an exploit in a document that supports embedded shortcuts or a hosted browser control (such as but not limited to Microsoft Office documents)."

In the absence of a patch, you can download a "Fix-It" tool provided by Microsoft to temporarily fix the Windows Shortcut Zero-Day Attacks . The automated "Fix-It" tool disables the vulnerable .LNK and .PIF file functionality of the Windows machine.

Download the automated "Fix-It" tool here.