Microsoft Windows XP Explorer Self-Executing Folder Vulnerability

A vulnerability has been reported in Microsoft Windows XP that may result in execution of malicious code in the context of the currently logged in user. The flaw exists in Windows Explorer and may allow for executable content that is referenced from inside of a folder to be executed automatically when the folder is accessed.

This vulnerability poses a security risk since it is assumed that opening a folder is a safe action and that executable content cannot be run when a folder is accessed. Additionally, it has been reported that this issue may be exploitable remotely if the malicious folder is accessed from an SMB share.


Privacy Statement
Copyright 2010, SecurityFocus