{"id":72939,"date":"2010-03-02T08:04:11","date_gmt":"2010-03-02T08:04:11","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72939"},"modified":"2010-03-02T08:04:11","modified_gmt":"2010-03-02T08:04:11","slug":"internet-explorer-hlp-vulnerability-on-windows-xp","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/internet-explorer-hlp-vulnerability-on-windows-xp\/","title":{"rendered":"Internet Explorer .HLP vulnerability on Windows XP"},"content":{"rendered":"<p>Microsoft&#8217;s security team is investigating a security vulnerability reported at <a href=\"https:\/\/isec.pl\/\">https:\/\/isec.pl\/<\/a> by Maurycy Prodeus.<\/p>\n<p>The vulnerability is observed on operating system older than Windows Vista (i.e. Windows XP). In this, the attacker hosting a malicious website can remotely run arbitrary code by convincing the user to press the computer&#8217;s F1 key in response to a popup window.<\/p>\n<p>The vulnerability is the result of the passing a samba share as a helpfile parameter along with a stack based buffer overflow in the winhelp32.exe file when parameters are too long.<\/p>\n<p>There are no reports of attacks exploiting the weakness. Microsoft plans to issue guidance once its investigation is completed.<\/p>\n<p>Microsoft\u2019s Jerry Bryant says more on it, here:<br \/>\n<a href=\"https:\/\/blogs.technet.com\/msrc\/archive\/2010\/02\/28\/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx\">https:\/\/blogs.technet.com\/msrc\/archive\/2010\/02\/28\/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft&#8217;s security team is investigating a security vulnerability reported at https:\/\/isec.pl\/ by Maurycy Prodeus. The vulnerability is observed on operating system older than Windows Vista (i.e. Windows XP). In this, the attacker hosting a malicious website can remotely run arbitrary code by convincing the user to press the computer&#8217;s F1 key in response to a [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-72939","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72939"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72939"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72939\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72939"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72939"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72939"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}