dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Microsoft warns Windows XP users, 'don't touch the F1 key'

Mar 03, 2010, 03:02 (7 Talkback[s])
(Other stories by Gregg Keizer)

[ Thanks to E5Rebel for this link. ]

"Microsoft has warned Windows XP users not to press the F1 key when prompted by a website, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE).

"In a security advisory issued on Monday, Microsoft confirmed the unpatched bug in VBScript that Polish researcher Maurycy Prodeus had revealed on Friday, offered more information on the flaw and provided some advice on how to protect PCs until a patch shipped.

""The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer," read the advisory. "If a malicious website displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.""

Complete Story

Related Stories: