Microsoft might have a tough time fixing Windows shortcut vulnerability, a security researcher said. A renowned vulnerability specialist, though, oppose, and said Microsoft can deliver a patch inside two weeks.

"The way Windows' shortcuts are designed is faulted, and I believe they will have an extremely hard time patching this," said Roel Schouwenberg, an antivirus researcher with Moscow-based Kaspersky Lab. Schouwenberg based his forecast that a patch can confirm indefinable on truth that Microsoft has not at all faced a security issue with shortcuts, and thus has no security processes in place that it can rapidly twist. For its part, Microsoft believes the fault security vulnerability, and has promised a patch. As of Tuesday, though, it had not set a timeline for a fix.

Microsoft has recognized that attackers can utilize a hateful shortcut file, recognized by ".lnk" expansion, to automatically perform their malware by getting users to outlook the contents of a folder containing a deformed shortcut. The risk is still greater if hackers use infected USB flash drives to extend their attack code, as the latter automatically performs on most Windows PCs as quickly as drive is plugged into machine. All versions of Windows are vulnerable to attack, as well as the just launched beta of Windows 7 Service Pack 1 (SP1), as well as newly retired Windows XP SP2 and Windows 2000.