[BITList] Don't press F1 in Windows XP: Microsoft

John Feltham wulguru.wantok at gmail.com
Thu Mar 4 12:47:15 GMT 2010



Begin forwarded message:


Don't press F1 in Windows XP: Microsoft

3 Mar, 2010, 0037 hrs IST, Indiatimes Infotech,

NEW DELHI: The software giant Microsoft has told Windows XP users not to 
press the F1 key when prompted by a Web site, as part of a security 
advisory.

The advisory has been issued regarding an unpatched vulnerability that 
hackers could exploit to hijack PCs running Internet Explorer (IE). In 
the advisory, Microsoft confirmed the unpatched bug in VBScript that 
Polish researcher Maurycy Prodeus had revealed last week.

"The vulnerability exists in the way that VBScript interacts with 
Windows Help files when using Internet Explorer. If a malicious Web site 
displayed a specially crafted dialog box and a user pressed the F1 key, 
arbitrary code could be executed in the security context of the 
currently logged-on user. On systems running Windows Server 2003, 
Internet Explorer Enhanced Security Configuration is enabled by default, 
which helps to mitigate against this issue," reads the advisory.

Recently, Prodeus called the bug a "logic flaw," and said attackers 
could exploit it by feeding users malicious code disguised as a Windows 
help file and convincing them to press the F1 key when a pop-up 
appeared. Such files have a ".hlp" extension.

Windows 2000, Windows XP and Windows Server 2003 are impacted by the 
bug, said Microsoft, and any supported versions of Internet Explorer 
(IE) on those operating systems, including IE6 on Windows XP, could be 
exploited by hackers.

The security advisory said, "Our analysis shows that if users do not 
press the F1 key on their keyboard, the vulnerability cannot be exploited."

Users can also thwart the attacks by disabling Windows Help.
What Windoze should have suggested was = buy an Apple iMac.


What Micro$oft should have said was - buy an Apple iMac...

ooroo

