NEW BLOG POST: Windows Defender AV’s behavior monitoring coupled with cloud-powered machine learning models uncovered and blocked a massive Dofoil (Smoke Loader) coin mining campaign. Read the post
Alert level: Severe Detected with Windows Defender Antivirus
Also detected as: CVE-2010-2568 (other)
Windows Defender detects and removes this threat.
Exploit:Win32/CplLnk.B is a detection for specially-crafted, malicious shortcut files that exploit the vulnerability described by CVE-2010-2568 and resolved with the release of Microsoft Security Bulletin MS10-046.
If you browse a folder that contains the malicious shortcut using a program that displays shortcuts, like Windows Explorer, the malware runs.