Microsoft Remind Problem F1 key Attacks on Windows
Microsoft warned of security risks related to the browser version of Internet Explorer on Windows 2000 and Windows XP that can make a malicious website infiltrated the user PC. If you are in this range, so be careful and don’t easily fall for suspicious things that could be fatal for your PC.
Microsoft revealed that a dangerous site can get into Internet Explorer using VBScript script to access the Windows Help files, according to postings in the Microsoft Security Research & Defense. An attack will display the dialog box that encourages the user to press the F1 key, which actually will launch the attack.
According to US-Cert, the attack can come from a web page, HTML email, or email attachment, for Internet Explorer is used to display the file. This is because the IE engine is usually used to send the HTML for other applications, even when the user does not see the IE window as usual. The impact of this IE attacks affect the operation bersistem PC Windows Server 2003, but the default IE konfigurasu it can reduce the threat. While the operating system Windows Vista, Server 2008 and Windows 7.
If a site displays a message that does not go away before the user presses F1, the user can log off or use the Windows Task Manager to close IE. It also can change the intranet security zone settings that IE can help ward off an attack that appears. If the user happy with the command line in Windows, the user can lock the validity of the Windows Help system to prevent viruses and protect the load from these threats, with the following code:
cacls “% windir% \ winhlp32.exe” / E / P everyone: N
and to reverse the changes to the original function:
cacls “% windir% \ winhlp32.exe” / E / R everyone
Interesting Stuff
Related Posts:
