Follow:

 

Exploit:Win32/CplLnk.B


Microsoft security software detects and removes this threat.

Exploit:Win32/CplLnk.B is a detection for specially-crafted, malicious shortcut files that exploit the vulnerability described by CVE-2010-2568 and resolved with the release of Microsoft Security Bulletin MS10-046.

If you browse a folder that contains the malicious shortcut using a program that displays shortcuts, like Windows Explorer, the malware runs.



What to do now

The following Microsoft security software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

Additional recovery instructions

This threat exploits a vulnerability discussed in Microsoft Security Bulletin MS10-046. Make sure that you install the updates available from Microsoft so that your software is no longer affected by the vulnerability.

Threat behavior

Exploit:Win32/CplLnk.B is a detection for specially-crafted, malicious shortcut files that exploit the vulnerability described by CVE-2010-2568 and resolved with the release of Microsoft Security Bulletin MS10-046. It is a minor variation of Exploit:Win32/CplLnk.A.

If you browse a folder that contains the malicious shortcut using a program that displays shortcuts, like Windows Explorer, the malware runs. Successful exploitation results in the malware running with the privileges of the logged-on user.

Analysis by Peter Ferrie


Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
First detected by definition: 1.87.193.0
Latest detected by definition: 1.87.193.0 and higher
First detected on: Jul 20, 2010
This entry was first published on: Jul 20, 2010
This entry was updated on: Jan 13, 2014

This threat is also detected as:
  • CVE-2010-2568 (other)