Microsoft has issued Security Advisory (2219475) to address a publicly disclosed vulnerability in the Windows Help and Support Center function (helpctr.exe). The flaw only affects Windows XP and Windows Server 2003. In Windows XP and Windows Server 2003, clicking on an hcp:// link launches helpctr.exe via a registered protocol handler. This is normally a safe way to launch help content, thanks to an allow list that Help and Support Center checks before navigating to a given help page. A Google security researcher discovered, however, that a help page with a cross-site scripting vulnerability can be paired with a mechanism to abuse the allow-list functionality to access that page with an exploit querystring. Thus, clicking on a malicious hcp:// link leverages the XSS vulnerability to circumvent helpctr.exe's safety controls and ultimately run an arbitrary executable on the machine.

Redmond took pains to note that it is unaware of any attacks trying to use the vulnerability, is actively monitoring the situation, and may provide a security update on an upcoming Patch Tuesday, or earlier. In the meantime, Microsoft lists three mitigating factors for the vulnerability.