Microsoft publishes "Fix Its" for Windows XP, Server 2003 zero-day vulnerability

Last week, a security researcher from Google publicized a vulnerability in the Help and Support Center application that is part of Windows XP and Windows Server 2003. An attacker can exploit this vulnerability by enticing a user to click on a malicious hcp:// link, which causes an arbitrary executable to run on the user's machine.

Unfortunately, a fix from Microsoft is not available at this time. Windows XP and Windows Server 2003 users are at risk. Users of Windows 7, Windows Server 2008, Windows Vista, and Windows 2000 are not affected.

On June 12, Microsoft published "Fix Its" for this vulnerability. Clicking the "Enable this fix" button on this page downloads and runs an executable that fixes the issue. We highly recommend that all Windows XP and Windows Server 2003 users do this while waiting for a permanent fix to become available.

This fix can be undone by clicking the "Disable this fix" button on the same page.

