Beware Windows XP Attacks

A Microsoft security advisory issued on 10 June reported a vulnerability in the Windows Help and Support Center that could allow remote code execution. Real attacks exploiting the vulnerability surfaced on 15 June and as of Wednesday (30 June) the Microsoft Malware Protection Center (MMPC) reported at least 10 000 distinct computers that have seen the attack.

There is still no fix for the vulnerability available, but Microsoft has provided a workaround that disables the feature creating the vulnerability. An automated fix has been posted on the Microsoft support site.

The MMPC reports that the largest targets of the attack have been the United States, Russia, Portugal, Germany, and Brazil.

According to the security advisory the vulnerability can be exploited by a malicious website, but not automatically through email. A user has to actively visit a malicious site in order to be compromised.

A successful attack can also not gain more rights than the current local user: “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,” said Microsoft.

The versions of Windows affected are:

1.      Windows XP Service Pack 2 and Windows XP Service Pack 3

2.      Windows XP Professional x64 Edition Service Pack 2

3.      Windows Server 2003 Service Pack 2

4.      Windows Server 2003 x64 Edition Service Pack 2

5.      Windows Server 2003 with SP2 for Itanium-based Systems

Windows XP Help and Support Center vulnerability << comments and views

Don't miss the latest news

• Add MyBroadband as a preferred source in Google Search
• Follow MyBroadband on Google News