Help Files Pose a Critical Threat to Internet Explorer
Article by George Norman
On 02 Mar 2010
A proof of concept that details how arbitrary code can be run on a targeted machine by using VBScript in an .HLP file has been publicly posted. If a person with malicious intent hosts a specially crafted webpage, lures a computer user to that webpage and convinces him to press the F1 key, it could lead to remote code execution, announced the Microsoft Security Response Center (MSRC).

The good news is that no attacks exploiting this vulnerability have been spotted in the wild. The other good news is that Windows 7, Windows Vista, Windows Server 2008 and Windows Server 2008 R2 are not affected. Windows XP SP2 and SP3, and Windows Server 2003 SP2 are affected though.

Advertising

“Windows Help files are an inherently unsafe file format. That means these files can run arbitrary code, thus the browser must prevent remote Windows Help files from executing automatically. VBScript functionality available from within Internet Explorer exposes the MsgBox function, allowing script on a web page to display a message to the user. The parameters supplied to the MsgBox function may reference an associated Window Help file, though this functionality is limited when VBScript is used within the browser. hough user interaction is required the F1 keyboard shortcut does enable an attack scenario. In the exploit, a file path enables a .HLP file to be loaded from the local filesystem, SMB, or WebDav,” explained David Ross, MSRC Engineering.

Microsoft’s investigation into this issue is ongoing. As Senior Security Communications Manager Lead with the MSRC, Jerry Bryant explained, the Redmond-based software giant will take appropriate action to protect its customers once the investigation has been completed. An out-of-band update may even be released if the situation calls for it. In the meanwhile Security Advisory 981169 has been posted online to offer Microsoft customers guidance on how to stay protected. A simple workaround would be to disable active scripting in IE for example. Or change the permission on winhlp32.exe.



Tags: Microsoft, Internet Explorer, IE, Vulnerability, Help files, VBScript
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Help Files Pose a Critical Threat to Internet Explorer
HTML Linking Code