CVE-2010-2568 vulnerability in Microsoft Products
Published on July 22, 2010
Known Exploited Vulnerability
This Microsoft Windows Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.
The following remediation steps are recommended / required by October 6, 2022: Apply updates per vendor instructions.
Vulnerability Analysis
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2010-2568
You can be notified by stack.watch whenever vulnerabilities like CVE-2010-2568 are published in these products:
What versions are vulnerable to CVE-2010-2568?
- Microsoft Windows Server 2008 sp2 x32
- Microsoft Windows Server 2008 Version - x64
- Microsoft Windows Server 2008 Version r2 itanium
- Microsoft Windows Server 2008 Version r2 x64
- Microsoft Windows Server 2008 Version - sp2 itanium
- Microsoft Windows XP Version - sp2 x64
- Microsoft Windows Server 2008 Version - gold itanium
- Microsoft Windows 7 Version -
- Microsoft Windows Server 2008 x32
- Microsoft Windows Server 2008 x64
- Microsoft Windows Vista Version - sp1
- Microsoft Windows XP sp3
- Microsoft Windows Server 2008 sp2 x64
- Microsoft Windows Vista sp1
- Microsoft Windows Server 2003 sp2
- Microsoft Windows Vista Version - sp2
- Microsoft Windows Vista sp2
- Microsoft Windows Server 2008 Version - itanium
- Microsoft Windows 2003 Server sp2
- Microsoft Windows Server 2008 itanium
- Microsoft Windows 2003 Server sp2 itanium