Recently discovered new-old vulnerability threatening users Windows XP si Windows Server 2003: Through it, anyone can run through remote orders or applications on those systems.
Recently discovered vulnerability is closely related to Help and Support Center Windows XP and Windows Server 2003, exactly the way they are processed links hcp :/ / (Default for links Help and Support Center - helpctr.exe). To achieve "performance" of Virus A computer running these operating systems, it is enough visiting a page, the danger is not limited to clicks adoar that give the links from that page or e-mailFor example.
Here's what he says microsoft about this new (actually old ...) break in Windows security:
This vulnerability Could allow remote code execution if a user views a Specially crafted Web page using a Web browser or clicks a link in year Specially crafted email message. Microsoft is aware That proof-of-concept exploit code for the vulnerability has Been Published. Also Microsoft is aware of limited, targeted active attacks use this exploit code That.
Specifically, users XP si server 2003 who tend to login using administrator accounts Total attacks are at "bad guys" who take advantage of this vulnerability in Help and Supporty Center. Restrict users not abstain totally from danger, but because not allowed to install software permanently and, moreover, the limits of what these programs can be quite severe, "outsiders" can not take complete control / permanent on that computer (so admnistrator accounts are recommended when necessary).
How can "patch" in Help and Support Center vulnerability?
Given that Microsoft has not yet released a security update to resolve this problem (Major, so add) and who discovered it (Tavis Ormandy, Google Security Researcher) made public and ways in which it can be exploitedIt is mandatory to use temporary solution offered (All) Microsoft.
|Enable this fix||Disable this fix|
Fix this problem
Microsoft Fix it 50459
Fix this problem
Microsoft Fix it 50460
What exactly solve this? Disable Help and Support Center (Which however the vast majority of users do not use it), thus blocking hackers access to vulnerable computers.
If you do not trust your fix from Microsoft (for various subjective reasons), you can solve the problem alone, via Registry:
- open regedit (Start Menu-> Run-> regedit) And follow the path HKEY_CLASSES_ROOTHCP
- right click on HCP and select RenameThen change its name (in HCP-off, for example).
- close regedit (no need to restart)
Note: Whatever the temporary solution you use to patch the vulnerability door, please remember that after Microsoft will solve the problem in the true sense of the word, to reactivate (but if you want really) via Microsoft Help and Support Center Fix it or rename modified the registry key.
* Windows Vista, Windows Server and Windows 2008 7 not affected by the breach in the HCP protocol.