Status Tracking Note JVNTR-2010-20

Vulnerability in Microsoft Windows Shell (CVE-2010-2568, MS10-046, TA10-222A)

Overview

A vulnerability exists in Microsoft Windows Shell.
Event Information


Date (UTC)Description
2010-08-10 19:22 US-CERT
TA10-222A: Microsoft Updates for Multiple Vulnerabilities
Technical Cyber Security Alert publised via US-CERT Mailing List.
Public notification for "Microsoft Security Bulletin Summary for August 2010"
2010-08-03 02:30 JPCERT/CC
JPCERT-AT-2010-0019: Unscheduled patch released for vulnerability in Windows Shell
Public notification for "Microsoft Security Bulletin Summary for August 2010 (out-of-band) "
2010-08-02 18:58 Microsoft
MS10-046: Microsoft Security Bulletin Summary for August 2010 (out-of-band)
Security Update (MS10-046) released.
2010-08-02 17:55 US-CERT
Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability
US-CERT Current Activity
Public notification for "Microsoft Out-of-Band Security Bulletin"
2010-08-02 17:22 SANS Internet Storm Center
Microsoft Out-of-Band bulletin addresses LNK/Shortcut vulnerability
Public notification for "Microsoft Out-of-Band Security Bulletin"
2010-07-30 17:55 Microsoft
ms10-aug: Microsoft Security Bulletin Advance Notification for August 2010 (out-of-band)
Advance notification for out-of-band Security Update (2010/08/02) .
2010-07-29 21:23 Microsoft
Out of Band Release to address Microsoft Security Advisory 2286198
Advance notification for out-of-band Security Update (2010/08/02) .
2010-07-27 11:37 Trend Micro
ZeuS/ZBOT and SALITY Jump on the LNK Exploit Bandwagon
TrendLabs | Malware Blog - by Trend Micro
This vulnerability is being actively exploited in the wild.
2010-07-22 14:55 Trend Micro
Exploits for Windows Shortcut Vulnerability in the Wild
TrendLabs | Malware Blog - by Trend Micro
This vulnerability is being actively exploited in the wild.
2010-07-22 14:55 Trend Micro
Exploits for Windows Shortcut Vulnerability in the Wild
TrendLabs | Malware Blog - by Trend Micro
This vulnerability is being actively exploited in the wild.
2010-07-22 07:07 Symantec
ThreatCON (2) => (2)
2010-07-21 01:38 Microsoft
Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could AllowRemote Code Execution
Fix it (Disable the displaying of icons for shortcuts) published.
2010-07-19 03:55 Trend Micro
USB Worm Exploits Windows Shortcut Vulnerability
TrendLabs | Malware Blog - by Trend Micro
This vulnerability is being actively exploited in the wild.
2010-07-17 00:12 Microsoft
Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could AllowRemote Code Execution
Security Advisory (2286198) published.
2010-07-15 11:34 F-Secure
Espionage Attack Uses LNK Shortcut Files
F-Secure Weblog : News from the Lab
This vulnerability is being actively exploited in the wild.
2010-07-15 10:30 F-Secure
More Analysis of Case LNK Exploit
F-Secure Weblog : News from the Lab
Exploit:W32/WormLink.A
2010-07-15 Trend Micro
LNK_STUXNET.A
2010-07-13 Symantec
W32.Stuxnet (W32.Temphid)
2010-07-07 VirusBlokAda
Rootkit.TmpHider
This vulnerability is being actively exploited in the wild.
2010-06-17 VirusBlokAda
Rootkit.TmpHider
Malware Analysis report published: Trojan-Spy.0485, Malware-Cryptor.Win32.Inject.gen.2

Reference

Date first published (UTC): 2010-07-31T06:23+00:00
Date last updated (UTC): 2010-08-14T15:20+00:00
Valid HTML 4.01!