To date, the only widespread report of an infection in the wild specifically targets Siemens SCADA equipment. According to a report today, one Siemens customer in Germany was infected. You can bet there will be many more exploits to follow. Admins are particularly paranoid about a worm escaping on a high-volume network share.
Microsoft has posted a "Fixit" one-click tool that disables shortcut icon rendering as part of Knowledge Base article KB 2286198. The Fixit simply deletes the (Default) value of Registry keys HKCR\lnkfile\shellex\IconHandler and HKCR\piffile\shellex\IconHandler. The KB article notes that disabling those keys will turn many built-in Windows icons into white boxes. Undoubtedly there will be side effects somewhere, but so far I haven't heard of anything significant.
If your users get upset over little Windows inanities, they may go bonkers when many of their beautiful Windows icons turn into white flags. Unfortunately, it now appears as if this little zero day is poised to spread quickly -- and traditional antivirus products may not be able to catch it in time. It would be wise to weigh the possible consequences of inaction.
This article, "Microsoft rushes out patch for Windows shortcut vulnerability," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog.