• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Malicious Shortcut Handling Remote Code Execution Variant Vulnerability

Solution:
Microsoft has released fixes to address this vulnerability in supported platforms.

Avaya has released advisory ASA-2005-214 to state which Avaya products are affected by The October 2005 release of Microsoft Windows security updates. Please see the referenced advisory for further information.

Nortel Networks has released a technical support bulletin (2005006318) regarding this and other issues for their Centrex IP Client Manager (CICM). They report the vulnerabilities will be fixed in the upcoming 2.5, 7.0 and 8.0 maintenance releases. Please see the referenced bulletin for further information.


Microsoft Windows 2000 Advanced Server SP4

• Microsoft Security Update for Windows 2000 (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=1F063C4A-B0BF -49C6-928B-F1F076C69612&displaylang=en

Microsoft Windows XP Tablet PC Edition SP1

• Microsoft Security Update for Windows XP (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=F7241DEB-9E2D -401A-9D71-10ACAB4450AF&displaylang=en

Microsoft Windows 2000 Datacenter Server SP4

• Microsoft Security Update for Windows 2000 (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=1F063C4A-B0BF -49C6-928B-F1F076C69612&displaylang=en

Microsoft Windows XP Media Center Edition SP1

• Microsoft Security Update for Windows XP (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=F7241DEB-9E2D -401A-9D71-10ACAB4450AF&displaylang=en

Microsoft Windows XP Home SP1

• Microsoft Security Update for Windows XP (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=F7241DEB-9E2D -401A-9D71-10ACAB4450AF&displaylang=en

Microsoft Windows 2000 Server SP4

• Microsoft Security Update for Windows 2000 (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=1F063C4A-B0BF -49C6-928B-F1F076C69612&displaylang=en

Microsoft Windows 2000 Professional SP4

• Microsoft Security Update for Windows 2000 (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=1F063C4A-B0BF -49C6-928B-F1F076C69612&displaylang=en

Microsoft Windows XP Professional SP1

• Microsoft Security Update for Windows XP (KB900725)
  http://www.microsoft.com/downloads/details.aspx?familyid=F7241DEB-9E2D -401A-9D71-10ACAB4450AF&displaylang=en