Exploit:Win32/CplLnk.B

(?)

Encyclopedia entry
Updated: Apr 17, 2011 | Published: Jul 20, 2010

Aliases

CVE-2010-2568

other

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.

Detection initially created:
Definition: 1.87.193.0
Released: Jul 20, 2010

Summary

Exploit:Win32/CplLnk.B is a generic detection for specially-crafted, malicious shortcut files that exploit the vulnerability that is described by CVE-2010-2568.

When a user browses a folder that contains the malicious shortcut using an application that displays shortcut icons, the malware runs instead. An example of an application that displays shortcut icons is Windows Explorer. No further user interaction is required, in most cases.

Top

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Top

Technical Information (Analysis)

Exploit:Win32/CplLnk.B is a generic detection for specially-crafted, malicious shortcut files that exploit the vulnerability that is described by CVE-2010-2568. Exploit:Win32/CplLnk.B is a minor variation of Exploit:Win32/CplLnk.A.

Successful exploitation results in the malware running with the privileges of the logged-on user.

Additional Information

This vulnerability is referenced as Microsoft Security Bulletin MS10-046 and CVE-2010-2568.

Analysis by Peter Ferrie

Top

Prevention

Take these steps to help prevent infection on your computer.

Top

Recovery

Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as Microsoft Security Essentials, or the Microsoft Safety Scanner. For more information about using antivirus software, see http://www.microsoft.com/security/antivirus/av.aspx.

Additional recovery instructions

This threat exploits a vulnerability discussed in Microsoft Security Bulletin MS10-046. Make sure that you install the updates available from Microsoft so that your software is no longer affected by the vulnerability.

Top


	Provide feedback Please note: While your feedback is very important to us, we do not respond to individual submissions through this channel. Feedback, requests, or questions submitted through this form are monitored, however responses are not generated. If you require support, please visit the Safety & Security Center.