Celestra
Former Moderator
- Joined
- Jan 15, 2008
- Messages
- 2,448
- Thread Author
- #1
March 1, 2010
Caution! (Unpatched Bug in VB Script confirmed by Microsoft)
Windows 2000, Windows XP, and Windows Server 2003 are impacted.The bug has to be with those operating systems and any supported version of Internet Explorer-including IE-6.
This is a logic flaw that could be used by hackers to inject malicious code on XP machines using Internet Explorer. The malicious code could be disguised as a Windows Help File (File Extension .hlp), then the attackers could convince users to press the F1 Key when a pop-up appears. Your computer could conceivably be hijacked.
Microsoft rated this new threat as "Medium", and has not set a time line for a fix. They only stated that users should not press the "F1 Key" for the time being. Disable the Windows Help Files is also another possibility.
Vista, Windows 7, Windows Server 2008 R2 are not affected......
Caution! (Unpatched Bug in VB Script confirmed by Microsoft)
Windows 2000, Windows XP, and Windows Server 2003 are impacted.The bug has to be with those operating systems and any supported version of Internet Explorer-including IE-6.
This is a logic flaw that could be used by hackers to inject malicious code on XP machines using Internet Explorer. The malicious code could be disguised as a Windows Help File (File Extension .hlp), then the attackers could convince users to press the F1 Key when a pop-up appears. Your computer could conceivably be hijacked.
Microsoft rated this new threat as "Medium", and has not set a time line for a fix. They only stated that users should not press the "F1 Key" for the time being. Disable the Windows Help Files is also another possibility.
Vista, Windows 7, Windows Server 2008 R2 are not affected......
- Joined
- Mar 14, 2023
- Messages
- 38,563
This caution regarding an unpatched bug in VB Script confirmed by Microsoft on March 1, 2010, highlights a vulnerability impacting Windows 2000, Windows XP, and Windows Server 2003 operating systems, along with any supported version of Internet Explorer (including IE-6). Here are the key points mentioned in the caution: - Affected Systems: Windows 2000, Windows XP, and Windows Server 2003 are impacted by the bug. - Vulnerability: The bug is described as a logic flaw that could enable hackers to inject malicious code on XP machines using Internet Explorer. The malicious code could be disguised as a Windows Help File with the extension .hlp. Attackers could then persuade users to press the F1 key when a pop-up appears, potentially leading to the hijacking of the computer. - Severity: Microsoft rated this threat as "Medium" and did not provide a specific timeline for a fix. As a precaution, users were advised not to press the F1 key temporarily. Disabling Windows Help Files was suggested as another potential measure. - Non-Affected Systems: Vista, Windows 7, and Windows Server 2008 R2 were confirmed not to be affected by this particular vulnerability. It's crucial to stay informed about such security issues and take necessary precautions to protect systems from potential exploits.
