CVE-2010-2568: The vulnerability CVE-2010-2568 is a critical flaw in the Windows Shell of multiple Microsoft Windows versions, including XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7. This vulnerability allows local users or remote attackers to execute arbitrary code via a crafted .LNK or .PIF shortcut file.


Description Preview

The CVE-2010-2568 vulnerability is a serious security flaw in the Windows Shell of several Microsoft Windows versions. Local users or remote attackers can exploit it to execute arbitrary code via a specially crafted .LNK or .PIF shortcut file. The flaw arises because these shortcut files are improperly handled during icon display in Windows Explorer. The vulnerability was demonstrated in the wild in July 2010 and was originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.

Overview

The CVE-2010-2568 vulnerability is a high-risk flaw that affects multiple versions of Microsoft Windows. The flaw lies in the Windows Shell, where .LNK or .PIF shortcut files are not properly handled during icon display in Windows Explorer. This allows local users or remote attackers to execute arbitrary code, potentially compromising the system. The vulnerability was first reported in July 2010 and has been used in the wild, notably by malware targeting Siemens WinCC SCADA systems.

Remediation

Microsoft has released a security update to address this vulnerability. Users are advised to apply the update as soon as possible to protect their systems from potential attacks. The update can be found in the Microsoft Security Bulletin MS10-046. For systems that cannot be updated immediately, it is recommended to disable the display of icons for shortcuts and disable the WebClient service as a workaround.

References

  1. US-CERT Technical Alert TA10-222A
  2. Microsoft Security Advisory 2286198
  3. Microsoft Security Bulletin MS10-046
  4. OVAL Definition
  5. Security Focus BID 41732
  6. Secunia Advisory 40647
  7. CERT Vulnerability Note VU#940193

Early Warning

Armis Early Warning customers received an advance alert on this vulnerability.

Armis Alert Date: Jul 16, 2010
CISA KEV Date: Sep 15, 2022
4444 days early

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Health Care & Social Assistance
  2. Manufacturing
  3. Arts, Entertainment & Recreation
  4. Retail Trade
  5. Accommodation & Food Services
  6. Administrative, Support, Waste Management & Remediation Services
  7. Agriculture, Forestry, Fishing & Hunting
  8. Construction
  9. Educational Services
  10. Finance and Insurance
  11. Information
  12. Management of Companies & Enterprises
  13. Mining
  14. Other Services (except Public Administration)
  15. Professional, Scientific, & Technical Services
  16. Public Administration
  17. Real Estate Rental & Leasing
  18. Transportation & Warehousing
  19. Utilities
  20. Wholesale Trade
