Microsoft warns Windows Xp users not to press F1 key

view story

http://digitizor.com – Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site. This was a reaction to an bug in VBScript that Polish researcher Maurycy Prodeus had revealed Friday. The vulnerability could enable hackers  to hijack PCs running Internet Explorer (IE). Microsoft noted that hackers exploiting the VBScript flaw using Windows Help and Internet Explorer could grab complete control of a Windows system. Last week Prodeus pointed out that attackers could exploit the “logic flaw” by feeding users malicious code disguised as a Windows help file and convincing them to press the F1 key when a pop-up appeared. Microsoft has confirmed the bug and said “The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.“ Microsoft says that Windows 2000, Windows XP and Windows Server 2003 are impacted by the bug and any supported versions of Internet Explorer (IE) on those operating systems. Until a patch is available, Microsoft advise users not to press the F1 key if a Web site tells them to. Microsoft has not however set a time-line to fix the bug. Customers running Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 are safe from such attacks, Microsoft said. var wordpress_toolbar_urls = [];var wordpress_toolbar_url = "http://www.watblog.com/wp-content/plugins/wordpress-toolbar/toolbar.php";var wordpress_toolbar_oinw = "oinw";var wordpress_toolbar_hash = "aHR0cDovL2RpZ2l0aXpvci5jb20vMjAxMC8wMy8wMi9taWNyb3NvZnQtd2FybnMtd2luZG93cy14cC11c2Vycy1ub3QtdG8tcHJlc3MtZjEta2V5Lzx3cHRiPk1pY3Jvc29mdCB3YXJucyBXaW5kb3dzIFhwIHVzZXJzIG5vdCB0byBwcmVzcyBGMSBrZXk8d3B0Yj5odHRwOi8vZGlnaXRpem9yLmNvbTx3cHRiPkRpZ2l0aXpvcg%3D%3D";Related Posts : Microsoft Disses Linux, Got Smacked Right Back In The Face With A New Security Flaw! 7 things you must know about the XP Mode in Windows 7 (Virtual PC) Use ‘Malicious Software Removal Tool’ from Microsoft to scan your computer for Conficker How-To install Microsoft IIS Server on Windows 7? Windows 7 Upgrade Chart Whats This? (HowTos)