- Microsoft has updated their Security Advisory at least twice this week; it now points to a Knowledge Base article that has a "Fix it" thing you can click on to make the two changes I described in the last post about this. They have also substantially revised their analysis of the flaw - originally it was thought that the AutoPlay/Autorun feature had to be turned on but as we know now, just viewing a shortcut in Windows Explorer can trigger malware if it exists.
- It is apparently possible that even shortcuts embedded in documents (e.g. MS Word files), emails, or web pages could be used as vectors... Think about that for moment - yow!
- The SN podcast also points to a Didier Stevens blog post that describes how to use Software Restriction Policies in Windows to combat the flaw. However, it's probably a more advanced "hack" than the ones already described, and you can really screw stuff up if you don't know what you're doing with Policies. I have managed to configure two systems I have (one XP, one Win7) successfully with these changes, and tested it on one of them by trying to run an executable on a thumb drive that I have mounted... The application is blocked and a message comes up saying so.
Friday 7/30 update: MS has announced that they'e going to release an out-of-cycle patch next week for this. Details are in the MS Security blog.