Windows XP Help attacks on the rise

Mike Halsey MVP
Jul 1, 2010
Updated • Dec 11, 2014
Microsoft, Security, Windows XP
|
12

Update: Microsoft has patched the issue and it is no longer a problem provided that Windows users have patched their system with the most recent security updates provided by the company.

An unpatched bug in the Windows XP Help and Support system is being increasingly used in attacks by virus and malware writers reports the BBC.

Microsoft reported it's seen more than 10,000 PCs hit by the attack so far and that it has not been able to find a fix for the problem.

A successful exploit of the issue gives hackers complete control over the PC.  It initially came to light when a Google Engineer discovered it was possible to exploit Windows XP's ability to send and receive remote help from another computer.

Microsoft said it only saw "innocuous" attacks by a few researchers first but discovered later on that hi-tech criminals are exploiting it as well.

Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing "seemingly-automated, randomly-generated" web pages that host the exploit.

A senior security researcher at Trend Micro, Rik Ferguson, said  "It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered." and Carole Thierault, senior security consultant as security firm Sophos described the attacks as a "nightmare".

Microsoft is still working on a fix for the problem but Engadget have reported that...

Microsoft says the only current work around to the issue is to Unregister the HCP Protocol which disables hcp:// style links

The vulnerability does not affect Windows Vista or Windows 7. Users should avoid clicking on links that begin with hcp as that is the requirement for an successful attack on the user system.

Windows XP and Windows Server 2003 users can read the following guide to find out how to protect their system from the attack: Windows XP And Windows Server 2003 Zero-Day Vulnerability

Advertisement

Related content

Microsoft PC Manager is now available on the Microsoft Store for Windows 10 and 11

Microsoft PC Manager is now available on the Microsoft Store for Windows 10 and 11
Graveyard

Microsoft Graveyard: last honor for dead Microsoft products
Microsoft Copilot Pro with GPT-4 Turbo launched for $20 per month

Microsoft Copilot Pro with GPT-4 Turbo launched for $20 per month
Proton says that Outlook is Microsoft's new data collection service

Proton Mail says that the new Outlook app for Windows is Microsoft's new data collection service
Incase Designed by Microsoft accessories

Incase Designed by Microsoft: Microsoft accessories live on under new partnership
Cookies

Microsoft confirms Microsoft 365 service degradation for 1% of Chrome users

Tutorials & Tips

How to make a table of contents in Word?

How to recall an email in Outlook?

How to enable Microsoft Loop app?

Excel Keyboard Shortcuts


Previous Post: «
Next Post: «

Comments

  1. Windows XP Help said on July 15, 2011 at 8:29 pm
    Reply

    pretty crazy, it is probably worth switching to Windows 7 just to avoid this

  2. Mike J said on July 3, 2010 at 5:06 pm
    Reply

    Couldn’t a person just disable the Help and Support service, and be safe? Who ever uses it?? Outside of a business context, I suppose.

  3. Chris said on July 1, 2010 at 5:49 pm
    Reply

    What is the point of the BBC and this article?

    The fix was posted by M$ weeks ago:
    http://support.microsoft.com/kb/2219475

    1. Martin said on July 1, 2010 at 5:49 pm
      Reply

      It was also posted by us at that time: https://www.ghacks.net/2010/06/16/windows-xp-and-windows-server-2003-zero-day-vulnerability/

  4. dan said on July 1, 2010 at 5:20 pm
    Reply

    It would be helpful to supply a link to the ghacks blog entry that supplied a registry fix to this vulnerability.

    1. Martin said on July 1, 2010 at 5:50 pm
      Reply

      You are right, done that.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2024 - All rights reserved