In a recent security advisory issued to users, Microsoft has cautioned about a Windows vulnerability – the Windows Shell flaw – that can affect the some of the operating system versions via attacks through Windows shortcuts, icons for which are displayed on the computer screens of the users.

The bug, which affects several popular and still-in-use versions of the Windows operating system, can be exploited either through removable drives or over computer networks.

In its Friday-issued Security Advisory 2286198, Microsoft elaborated that in Windows 95 and subsequent versions, the Windows Shell – which displays the icons on the user’s desktop, the Start Menu, the taskbar, and the file browser; and launches other programs on request - is explorer.exe, either in the Windows folder or in one of its subfolders.

Due to the vulnerability, Windows Shell, at times, fails to properly corroborate certain parameters of the ‘shortcut’ – the icon that is the link to an application – during the process of loading it.

By exploiting the flaw, attackers can run arbitrary code on a victim’s computer; or even take over the system will full user rights; thereby getting he ability to view, alter or delete data; install programs; or create new accounts.

Though Microsoft has suggested some workarounds to combat the Windows Shell vulnerability, security experts are of the opinion that the workarounds are not effective enough; and that a patch is required for all affected operating systems.