Windows Shortcut Exploit, also known as CPLINK, is a zero-day vulnerability in all versions of Windows
that allows a Windows shortcut link, known as an .lnk file, to run a malicious DLL file. The dangerous shortcut links can also be embedded on a website or hidden within documents.

The exploit works when you open a device, network share or WebDav point carrying an infection—you don't need to click on anything for the exploit to work, even if you have AutoPlay and AutoRun disabled.

Currently, there is no patch from Microsoft to fix this exploit; however, a free Windows Shortcut Exploit Protection Tool from Sophos will block this exploit from running on your computer.

The Windows Shortcut Exploit affects all Microsoft-supported versions of Windows—anything newer than Windows XP
SP3—as well as older versions.

Download Free Protection Tool

Homepage