“This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”Here is some more Tech News from around the web:
- DIY Guided Missile (…err model rocket) @ Hack a Day
- Fallout 3 replica weapons @ MAKE:Blog
- Gmail supports multiple logins now … really @ Google
- IE gains market share at the expense of Firefox, Chrome @ Ars Technica
- Kingston announces water-cooled memory @ The Inquirer
- The True Health Risks of 3D TV @ Digital Trends
- RFID chips snooped from 66 metres @ The Register
It’s not patch Tuesday but you should hit Windows Update
Earlier in July a rather nasty Windows flaw that takes advantage of the way that Windows displays Control Panel shortcuts to install a rootkit on your system appeared. Simply displaying the icon, via explorer for instance, would give the attacker control and that control was targeted at a rather specific and unpleasant task, the disruption of programs used to control and monitor large manufacturing plants. As [H]ard|OCP has reminded everyone today, there is a patch which was released yesterday to fix this vulnerability which you should probably grab.
