CVE-2010-3966

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2008 R2 Windows 7

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory. This can be demonstrated by a directory that contains specific file types. A remote code execution vulnerability exists in the way that Microsoft Windows opens specific files on platforms that do not support the BranchCache functionality, potentially allowing an attacker to take complete control of an affected system.

Recommendations For Windows Server 2008 R2, apply the recommended patch to resolve the issue. For Windows 7, apply the recommended patch to resolve the issue. As a temporary workaround, consider restricting access to directories that may contain malicious DLLs until a patch is available.