Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability

Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability

Microsoft Windows is prone to a vulnerability that may allow a file to automatically run because the software fails to properly handle 'LNK' files or 'PIF' files.

An attacker may exploit this issue to execute arbitrary code. The attacker must entice a victim to view a specially crafted shortcut.

NOTE: This issue is being exploited in the wild with W32.Stuxnet (previously known as W32.Temphid).

This issue affects Microsoft Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008.