Software giant Microsoft has issued a warning about an unpatched vulnerability in XP machines running Internet Explorer.
According to Techworld, the flaw is present in all versions of Internet Explorer and on all operating systems up to Windows XP SP3. It consists of a bug in VBScript that could enable hackers to inject a PC with malware.
The analyst who discovered the flaw said that attackers could exploit a PC by disguising malware as a Windows help file with a .hlp extension, which then attempts to lure users in to hitting the F1 key. Once this is done, the malware infects the victims system.
"I would say the vulnerability is 'high severity," said security researcher Cesar Cerrudo told Techworld. "It's not critical since it needs user interaction, the user pressing F1 key when a message dialog is displayed.
“I would say that there is a high probability a regular user will press F1 key if asked, since an attacker can annoy the user with hundred of messages telling the user to press F1 to continue."
Advertisement
Related Stories
- Microsoft's Windows revenue down Jan 20th 2012 at 5:53AM
- Windows hotfix for AMD Bulldozer CPUs Dec 16th 2011 at 7:25AM
- Rise of the planet of the apps Dec 15th 2011 at 2:18PM
- Little Printer produces personal 'newspaper' from web Nov 30th 2011 at 5:05PM
- New direction for Spotify? Nov 30th 2011 at 12:10PM
- New look PCR website gives you more Nov 9th 2011 at 2:17PM
- Firefox 8.0 released Nov 8th 2011 at 9:25PM
- Google launches Google+ Pages Nov 7th 2011 at 8:46PM
- Virgin says one third of the UK has access to 100Mb broadband Nov 6th 2011 at 10:52PM
- Music and film industry presses BT to block the Pirate Bay Nov 6th 2011 at 10:34PM
Follow Follow this article if you would like to receive notifications of updates.
Add a new comment
You need to be logged in to post comments. If you do not have an account then please register.
Comments
0 comments
There are no comments yet, be the first to add one!