Follow:

 

Win32/CplLnk


Microsoft security software detects and removes this threat.

These are shortcut files that exploit the vulnerability described by CVE-2010-2568. The vulnerability has been resolved with the release of Microsoft Security Bulletin MS10-046.



What to do now

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other hidden malware.

Apply updates

This threat exploits a vulnerability discussed in Microsoft Security Bulletin MS10-046. Make sure that you install the updates available from Microsoft so that your software is no longer affected by the vulnerability.

Enable MAPS 

Enable the Microsoft Active Protection Service (MAPS) on your system to protect your enterprise software security infrastructure in the cloud.

  1. Check if MAPS is enabled in your Microsoft security product:

    1. Select Settings and then select MAPS.

    2. Select Advanced membership, then click Save changes. With the MAPS option enabled, your Microsoft anti-malware security product can take full advantage of Microsoft's cloud protection service

  2. Join the Microsoft Active Protection Service Community.
Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

Exploit:Win32/CplLnk is a detection for specially-crafted, malicious shortcut files that exploit the vulnerability that is described by CVE-2010-2568. The vulnerability has been resolved with the release of Microsoft Security Bulletin MS10-046.

If you look at a folder that contains the malicious shortcut using an application that displays shortcut icons, like Windows Explorer, the malware runs instead.

Successful exploitation results in the malware running with the privileges of the logged-on user; for example, if you're running with administrator privileges, the malware also runs with administrator privileges.


Symptoms

Alerts from your security software may be the only symptom.


Prevention


Alert level: Severe
This entry was first published on: Aug 03, 2010
This entry was updated on: Jun 02, 2015

This threat is also detected as:
  • CVE-2010-2568 (other)
  • MS10-046 (other)