Latest Windows XP vulnerability exposed! DO NOT press F1!!!

April 7, 2010 Computer Safety Tip

Microsoft today advised Windows XP users not to press the F1 key when prompted by a website. The warning is part of Microsoft’s reaction to an unpatched vulnerability that hackers have recently been able to exploit in attempts to hijack computer systems running Internet Explorer (IE).

Microsoft has since confirmed the unpatched bug in its VBScript, offered more information on the flaw, and provided some advice on how to protect a PC until a patch is made available.

An advisory released by Microsoft in response to this event states: “The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.”

Hackers exploit this “logic flaw” by feeding users malicious code disguised as a Windows help file. This type of file carries the “.hlp” extension, and the user is then convinced to press the F1 key when a pop-up message appears. The vulnerability has been given a “medium” rating because of the required user interaction.

The following Microsoft operating systems seem to be affected by this latest bug:
Windows 2000, Windows XP and Windows Server 2003, as well as any supported versions of Internet Explorer (IE) on those particular operating systems — including IE6 on Windows XP.

Until a solution has been made available to the public, Microsoft is encouraging users NOT to press the F1 key:
“As an interim workaround, users are advised to avoid pressing F1 on dialogs presented from Web pages or other Internet content,” said David Ross with the Microsoft Security Response Center (MSRC) engineering staff.
The security advisory made the same recommendation: “Our analysis shows that if users do not press the F1 key on their keyboard, the vulnerability cannot be exploited.”

One more statement made by Microsoft sums it all up:
“Microsoft is concerned that this vulnerability was not responsibly disclosed, potentially putting customers at risk. Microsoft will take the appropriate action to help protect our customers,” said Jerry Bryant, a senior manager with the MSRC, in an e-mail.

According to Microsoft, customers running Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 are safe from this bug.


Comments (2)

 

  1. posizi says:

    Thanks for sharing this I love your blog

  2. weners says:

    Thanks for good article. Hope to see more soon.
