No announcement yet.

Windows XP: Critical security bug

  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows XP: Critical security bug

    Microsoft confirmed that a bug was found on Windows XP and Windows Server 2003 which could be used to compromise PCs by triggering users to follow malicious URLs or open dangerous e-mails. The company announced that in the past no incident had occurred from exploiting the vulnerability, but users should pay attention on the following:

    This flow was identified in the Windows’ Help and Support Center, a feature that allows users to have access and download Microsoft help files from the Web. The bug was in the "hcp" protocol handler, which could not properly filter the incoming files. Intruders could exploit this vulnerability and direct users to follow malicious or hacked Web sites, or convince them to open dangerous e-mail messages.

    There was no such vulnerability in Windows Vista, Windows 7, Windows Server and Windows Server 2008 R2.
    IT Security Intelligence

  • #2
    If you open emails from people you dont know, and click on any URL that you arent sure of, you are a security risk, not Windows. This is basic, and a smart practice.

    You really should include suggestions in a post like this, such as

    1. If someone gives you a URL to click on in an email that is supposed to direct you to a place where you would enter such information as a bank account or credit card, google search the site you want to go to, and then enter the URL yourself. Never follow a link because you DONT KNOW what the underlying URL is for a link.

    2. If you recieve an email with any kind of file attachment from someone you dont know, dont open it. Plain and simple. If it is from someone you know, and you arent sure, dont open it. If it is a file with a .exe extension, dont open it. Unless you specifically request a file, and its not something like a picture, the safest thing to do is.....wait for it..... dont open it

    3. Keep your operating system up to date, as well as getting a copy of a reputable anti virus and keep it up to date as well. If you arent sure what a program, process, file or other bit of information may to do your computer, google it. It usually takes less than 5 minutes to find out if something you are going to do is potentially harmful or dangerous to your computer.

    4. Dont click on links and dont open email attachments that you arent %100 sure of, ok i repeated myself but only to make sure you were still listening....

    Following these 4 rules as often as possible hopefully helps more than some generic windows warning, but perhaps i could be wrong.


    • #3
      I also like to add a service. Use Virus Total website to check the attachment online. It provide analyzing of suspicious files and URLs and provides detection of worms, viruses, malware and trojans.
      Mr Locks - NYC Locksmith