Fails to protect against latest windows .lnk exploit vulnerability

CIS fails protect against latest windows .lnk exploit. Tested myself with the POC mentioned here.

Too bad that version 5 beta fails too and there seems no way to intercept it.

He is not referring to link exploit at all, as no script is involved in this exploit.

I don’t think you need to worry about it. Microsoft is releasing a security patch for it on Monday Aug. 2

Yes too bad CIS failed to protect against this vulnerability. I know they have added a signature to the file but it seems D+ and the sandbox are ineffective against this vulnerability.

I know that but I wish CIS could have stopped it at day zero and I think they must add a way to intercept this vulnerability. Infact dll execution interception must be handled in some clever way.

Hi Aigle. I will stand corrected, but dosent Hitman pro version 108 have protection for this exploit?. As i have it installed, then does this not mean i can relax until either micro soft or Comodo get it sorted?.


Of course I am not panic. Just wanted them to realize this issue.

Looks like MS transformed the issue into an non-issue. ;D

Not for XP though.

XP SP3. I’ve installed it yesterday at work. It doesn’t work as intended? ???

[attachment deleted by admin]

I thought MS did not released official patch for XP. Am I wrong?

I got the patch for XP SP3

I believe it is not available for SP2 or earlier unsupported OS.
Even though the vulnerability affects all MS OS’s.