Redian新闻
>
Windows XP users: Don't press F1

Windows XP users: Don't press F1

博客


By Christopher Null

If you're browsing the web today and see a notice that you should press the F1 key (the traditional button used to get "help" in any application), don't do it.

Microsoft is warning of a brand new exploit that can cause computers running Windows XP and using the Internet Explorer web browser to become infected with malware at the push of a button: Specifically, the F1 button.

The flaw is part of the way Visual Basic and Windows Help are implemented within IE, the upshot being that a clever hacker can code a dialog box that will allow the running of any code the hacker wants. Traditionally this means installing any kind of malware or virus on the victim's PC that a hacker desires.

The good news is that this exploit isn't extremely dangerous because it does require user interaction to install itself. Unlike some recent exploits, merely visiting an infected website won't cause harm to your computer: You actually have to "push a button" to be affected.

The bad news is that the F1 button has always been seen as harmless, more so than simply clicking "OK" on the average prompt you might see. When dismissed, the prompt can also be coded to pop up repeatedly, so getting rid of it might not be simple.

Microsoft is advising users that, until a patch can be written and released, users are advised not to press the F1 key while web browsing. No matter how many pop-ups and alerts a user receives, as long as F1 is not pressed this attack will not succeed.

Microsoft has not announced a timeline for the fix, but its next patch release is due on March 9. Hang tight, but don't ask for "help."


http://ca.tech.yahoo.com/blogs/the_working_guy/rss/article/4373

戳这里 Claim your page
来源: 文学城-stillthere
相关阅读
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。