SB2018081419 - Remote code execution when processing LNK files in Microsoft Windows

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2018-8345)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to an error when processing .LNK files (windows shortcuts). A remote attacker can place a specially crafted .LNK file along with associated malicious binary and automatically execute it when the victim opens a removable drive or a remote share that contains .LNK file.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

2) Improper input validation (CVE-ID: CVE-2018-8346)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to an error when processing .LNK files (windows shortcuts). A remote attacker can place a specially crafted .LNK file along with associated malicious binary and automatically execute it when the victim opens a removable drive or a remote share that contains .LNK file.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8346