CERT mailing list archives
Current Activity - Microsoft Windows Help and Support Center Vulnerability
From: Current Activity <us-cert () us-cert gov>
Date: Thu, 10 Jun 2010 11:16:27 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Microsoft Windows Help and Support Center Vulnerability Original release date: June 10, 2010 at 11:01 am Last revised: June 10, 2010 at 11:01 am US-CERT is aware of a vulnerability affecting the Mircosoft Windows Help and Support Center. This vulnerability is due to improper sanitization of hcp:// URIs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands. US-CERT encourages users and administrators to review Vulnerability Note VU#578319 and implement the workarounds to help mitigate the risks and reduce attack vectors. US-CERT will provide additional information as it becomes available. Relevant Url(s): <http://www.kb.cert.org/vuls/id/578319> ==== This entry is available at http://www.us-cert.gov/current/index.html#microsoft_windows_help_and_support -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTBEBvT6pPKYJORa3AQIg8Qf/RSnNKQS+rvCsti8LH+KeOUlHl7SeVQHt C29y6h+Ge7DaL3K32gNFynpLT5/IlVJZyh1v4wtdnD+xmu7EMFE7lEXfLdiZCbJz a5w3Yh5iHU/PRI/1+8OoeUiJHFWMwV8Y5TRU3uzmEY/LU0lpWMPaVZAbjYIylcWJ Ez/kiC0N+9VifCGCdhdYNQhGN7edfO6XFEewk4FfBCVkSbP2vvNECxTRSIJOe6K9 XZv9F6MwHv/pUPh5fUZy5NZHGOefyRzT9bNPRmc96NX8/P2bCHE4ILKT36+WKIcs 8DCV2ESDJKagR5X0Cgw9fuPHWspaWG9oAeuPr4363qPlOQt+usKEQQ== =AXj+ -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Microsoft Windows Help and Support Center Vulnerability Current Activity (Jun 10)