photo courtesy of: pixabay.com

Our senior security researcher Shih-Fong Peng (@_L4ys), has found a critical vulnerability in Microsoft Windows. This vulnerability is officially defined by MITRE as CVE-2019-1188 (LNK Remote Code Execution Vulnerability).

TeamT5 suggests our clients to update this patch immediately. This vulnerability could allow attackers obtain privilege of the local user. Users should be vigilant of any suspicious removable drive or remote share for holding malicious .LNK file. If the .LNK file is parsed by any application, it could allow remote code execution and make system under the control of attackers.

More Details of CVE-2019-1188:

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1188

More Detail of the Microsoft Patches in August 2019

https://portal.msrc.microsoft.com/en-us/security-guidance