PCMag reports the bug comes from Windows improperly handling shortcut (.LNK) files executed through the shell, typically Windows Explorer.
When the user launches such a shortcut through the associated icon, Windows fails to properly validate the parameters of the shortcut and malicious code in the .LNK may be executed.
The attack would typically be performed through removable drives, like USB thumb drives of CD-ROMs.
Microsoft lists two workarounds in the advisory. The first disables the display of icons for shortcuts, which will create a very wrong-looking situation in Windows Explorer. The second disables the WebDAV client service, which only affects that vector.
Microsoft has begun their process of investigation and patch development and this is the sort of attack that can be found and blocked by conventional anti-malware.
