From time to time vulnerabilities are found in Windows systems, and are patched via Windows Update. This recent one deserves special attention because it is classified as critical for Windows XP, Vista and 7. The vulnerability allows for remote code execution (meaning a remote attacker could take control of your computer) and is related to the displaying of an especially crafted shortcut icon.
If your system does not have Windows Update configured to automatically download and install updates, your computer might be at risk. If you want to browse through available updates and decide to install only the one related to this vulnerability, this is the keyword (Remember if you have Windows XP, it must have at least Service Pack 3 installed, and if you have Windows Vista, at least Service Pack 1 installed): “KB2286198”.
Contact me if you need help dealing with this.
Thanks for your wonderful help.
I wonder if my computer is vulnerable…I’ve windows xp, and don’t know if I have that service pack you mentioned. And also, how do I fix this? jerrye
I’ll get in touch via email and we’ll this sorted out.
Hiya. I don’t have service pack 3.
If I have service pack 2 can I forego this update, by any chance?
Also, if my computer’s pre 2009, do I not have to worry about
PowerShell, as you mentioned in your latest blog post,
“More Vulnerabilities in Windows Computers”?
And third, would AppGuard take care of the whole shebang
so we wouldn’t have to worry about updates, at all?
One quick test to find out if you have PowerShell installed is to open a standard command line and type:
C:\>powershell
If it tells you that “powershell” is an unrecognized command or application, then you don’t have it.
On AppGuard, yes, as far as security updates. But remember that there are two other aspects to updates: perfomance and stability.