Windows Help Centre ATTACKS … (Zero-Day Vulnerability)!
June 10th, 2010
No comments
A recent discovery of a Zero-Day Vulnerability in the “Windows Help Centre” HCP Protocol Handler, which does not handle correctly malformed “Escape Sequences”. Hence, executing code remotely without the authorization of the user.
As per Microsoft, the vulnerability is applicable only to Windows XP and Windows Server 2003.
Scareware criminals are already taking advantage of the vulnerability to earn profit by installing unauthorized software on user machines (i.e. Fake Antivirus).
Here is what you can do to prevent damages:
- If you want to fix the issue temporarily, use this Fix It Tool from Microsoft
- If you visit a website, and the Help Centre opens, shutdown your machine
- If your computer is acting abnormal, get our tools (i.e. RescueCD, FakeAV Remover)
- Apply Microsoft’s Patch when it becomes available (Do not forget to disable the Fix)
Try the following harmless Proof-of-Concept (at your own risk):
UPDATE (2010/07/13): Microsoft has released a patch for this issue (MS10-042). Please update as soon as possible.
