Microsoft updated a security advisory warning users of a critical .LNK vulnerability with an automated “Fix It” tool that serves as a stop gap until the company issues a patch.
Microsoft implemented the “Fix It” tool in an attempt to temporarily plug the security hole and prevent existing attacks that are already exploiting the vulnerability by disabling some icons from being displayed linked to shortcut files.
A shortcut is a link, represented by an icon and connected with the LNK extension, that connects a user to a specific file or program, intended to keep frequently accessed files in an easy-to-reach location. Disabling the shortcut icons would subsequently display icons as ‘white” default icons, and prevent malware from exploiting the vulnerability in attacks, although it wouldn’t impact usability.