Microsoft released emergency patch to fix LNK icon vulnerability

On August 3, Microsoft released an emergency high-risk patch to fix vulnerabilities in various versions of Windows operating system to solve the security risks caused by LNK icon vulnerabilities. . Users can use the bug fix function of the cow antivirus to patch the system in time to eliminate computer hidden dangers.
It is understood that this is the third time in the history of Microsoft to issue an emergency patch. Microsoft Security Response Center spokesperson Christopher? ? Christopher Budd said: "In the past few days, we have seen an increase in attacks that attempt to exploit this vulnerability. We are convinced that releasing this security update outside of the patch cycle is the best way to protect our users."

Previously, many domestic security vendors have discovered a large number of attacks using LNK icon vulnerabilities. The official Microsoft Security Advisory (No. 2286198) shows that Windows has errors in parsing shortcuts. When a user browses a folder or USB flash drive containing a malicious shortcut, Windows attempts to load the icon of the malicious shortcut and activate the virus file. So it caused the phenomenon of "getting poisoned when you look at the icon".

The company has also intercepted several Trojans and variants that have been exploited by this vulnerability, and the attack methods have been escalated. As long as the user sees the shortcut icon of the malicious structure, it will cause a remote attack by the Trojan, and continuously download various Trojan viruses to the user's computer.

Currently, all versions of Windows include LNK icon vulnerabilities, including Windows 7 SP1 Preview and Windows XP SP2 and Windows 2000 with technical support. But the cattle security experts found that the patch released by Microsoft this time still supports the "SP2" version very well.