New Internet Explorer exploit affects XP and Windows 2000

A security advisory from Microsoft yesterday warns about a risk involving any version of Internet Explorer on Windows 2000 and Windows XP that can allow a malicious Web site to infiltrate your PC. You should be aware of the implications, and make sure you take action to prevent a possible attack on your PC.

Microsoft’s advisory can be found here: http://www.microsoft.com/technet/security/advisory/981169.mspx

The vulnerability allows a specially designed site to essentially reach through Internet Explorer to access "inherently unsafe" Windows Help files.  An attack would display a dialog box that pushed you to hit F1, which is required to complete the attack.

The attack can come from a Web page, an HTML e-mail or an e-mail attachment, as long as Internet Explorer was used to display the file (IE's code is frequently used to display HTML for other applications, even if you don't see the usual IE program window). Windows Server 2003 is affected as well, but the default IE configuration mitigates the threat. Windows Vista, Server 2008 and Windows 7 are not affected.

If you happen across a site that displays a message box that won't go away that exhorts you to hit F1, log off or use the Windows Task manager to close IE. Also, if you're comfortable working on the Windows command line, a Microsoft post offers a command that can "lock down the legacy Windows Help system" to prevent it from loading and guard against this threat – find the info on the post here: http://blogs.technet.com/srd/ 

The post also lists more standard workarounds, such as changing IE intranet security zone settings, that can also help protect against potential attacks.

As always, a keen eye is a great defense against exploits like this – so be on the lookout for this unusual behavior from websites, HTML email, or an email attachment.  If you have security questions or concerns please feel free to call us, email us or create a support ticket using our web portal.


Leave a comment!

You must be logged in to post a comment.