Microsoft have released a new patch which is an out of band security update for the Windows Shortcut vulnerability. This out of band patch is important as it locks down a loophole which allowed hackers access to user rights of an affected system by code related to Windows Shortcut Files (.lnk).
We all know that Windows Shortcuts are link files which allow launching of programs but several malware families have been shown to exploit them – Holly Stewart, senior program manager for Microsoft Malware Protection Center noted this on the official blog.
A malicious shortcut is placed on a hard drive and spreads across the system to gain user rights and access to the internet for follow up attacks. This patch applies to Windows Xp, Server 2002, Vista, Server 2008, Server 2008 R2 and 7 operating systems.
You should be getting this patch over Windows update, however you can also get it directly from here if you need.
got the update last night, thought my PC was hosed actually as it went black on the reboot after installation, but it took a bit of time to apply for some reason