Be careful of Windows XP's F1 Help Bug

According to iSEC's advisory, the attacker needs to elicit some cooperation from the user: The attack pops up a Windows very simple messagebox, loaded with VBScript

When the user presses F1, IE will load an attacker-supplied .HLP file with winhlp32.exe. iSEC also notes a stack overflow vulnerability in winhlp32 that they could use.

Microsoft confirmed a vulnerability in Internet Explorer 6, 7 and 8 that could allow remote code execution on Windows XP.

View Article



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Here are the five core principles for monetizing your storage like never before and winning more customer applications than ever for your cloud and hosted services. These are your keys to the next generation data center.

  • Over 85% of enterprises will commit to multicloud architectures by 2018. The flexibility of the cloud will allow these organizations to more fully support DevOps and gain critical business insights. In this Solution Brief, you can explore how IT leadership can utilize VMware vRealize Suite as a unified, full-function platform to manage cloud infrastructure and application provisioning, monitoring, capacity planning, analytics, and more.

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date