What is going on? We don't want remote code to be executed on our Windows XP machines, do we? As you can read in the adjoining article, the MSRC Engineering team has been investigating reports of a vulnerability involving the use of VBScript and Windows Help files.
You will find some excellent technical and configuration advice here.
Now my question is: " Is it worth all the hassle?"
How often do we press F1?
Not that often, do we...
"The MSRC Engineering team has been investigating reports of a vulnerability involving the use of VBScript and Windows Help files"
- Security Research & Defense : Help keypress vulnerability in VBScript enabling Remote Code Execution (bekijken via Google Sidewiki)
