This is a serious vulnerability that is the result of a flaw in the way Windows handles shortcut files (files that end in .LNK.) An attacker could craft a malicious shortcut file and gain complete control over a vulnerable Windows computer if a user navigated to a Windows folder or removable drive that contains the booby trapped file.

Also read: Microsoft releases new security bulletins

"We have seen some examples of rigged .LNK files that exploit the vulnerability. Exploiting the vulnerability is relatively easy to do, so McAfee expects to see wider exploitation of this vulnerability soon," said Rahul Kashyap in Bangalore, vulnerability research manager at McAfee.

McAfee has recommended Windows users to:

- Use caution when using removable storage devices and only connect devices to their computers from trusted sources

- Do not download or click on shortcut files (.LNK files) that are hosted on the network shares, Web or sent in e-mail

- Network administrators should block downloads of shortcut (.LNK) files

Also read: Security Trends 2010