An unpatched bug in the Windows XP Help and Support system is being increasingly attacked by virus and malware writers, as reported by the BBC.
Microsoft has reported it’s seen more than 10,000 PCs hit by the attack so far and it’s still not been able to find a fix for the problem.
The effect of the vulnerability can give hackers complete control over a PC. It initially came about when a Google Engineer discovered it was possible to exploit Windows XP’s ability to send and receive remote help from another computer.
Initially, Microsoft said it only saw “innocuous” attacks by a few researchers but now hi-tech criminals are exploiting it as well.
Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing “seemingly-automated, randomly-generated” web pages that host the exploit.
A senior security researcher at Trend Micro, Rik Ferguson, said ”It’s certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered.” and Carole Thierault, senior security consultant as security firm Sophos has described the attacks as a “nightmare”.
Microsoft is still working on a fix for the problem but Engadget have reported that…
Microsoft says the only current work around to the issue is to Unregister the HCP Protocol which disables hcp:// style links
The vulnerability does not affect Windows Vista or Windows 7.
Windows XP and Windows Server 2003 users can read the following guide to find out how to protect their system from the attack: Windows XP And Windows Server 2003 Zero-Day Vulnerability
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook or Twitter.Related Articles:
Windows 7 64-bit And Windows Server 2008 R2 Vulnerability EmergesWindows Security Updates September 2008
Microsoft Silently Installing Windows Presentation Foundation Plugin For Firefox
Windows Vulnerability Scanner
SQL Injection Attacks by Example
It would be helpful to supply a link to the ghacks blog entry that supplied a registry fix to this vulnerability.
You are right, done that.
What is the point of the BBC and this article?
The fix was posted by M$ weeks ago:
http://support.microsoft.com/kb/2219475
It was also posted by us at that time: http://www.ghacks.net/2010/06/16/windows-xp-and-windows-server-2003-zero-day-vulnerability/
Couldn’t a person just disable the Help and Support service, and be safe? Who ever uses it?? Outside of a business context, I suppose.
pretty crazy, it is probably worth switching to Windows 7 just to avoid this