Microsoft has offered a workaround to Windows XP users affected after a flaw in the operating system was exploited:
http://scforum.info/index.php/topic,4314.0.htmlSince Google engineer Tavis Ormandy released details of the zero-day flaw last month, cyber criminals have dramatically ramped up online attacks that target the bug. Microsoft revealed it has now logged more than 10,000 attacks.
"At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15, the first real public exploits emerged," Microsoft said in a blog posting:
http://blogs.technet.com/b/mmpc/archive/2010/06/30/attacks-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspxThe flaw lies in the Windows Help and Support Center software that comes with Windows XP.
Ormandy was criticized by some in the security community for not giving Microsoft more time to patch the flaw, which he disclosed to the software vendor on June 5. He released details of the bug five days later, apparently after failing to convince Microsoft to fix the issue within 60 days.
Microsoft said in an advisory it is investigating the issue, and it may issue an out-of-schedule patch for the problem:
http://www.microsoft.com/technet/security/advisory/2219475.mspx"Microsoft is also aware of limited, targeted active attacks that use this exploit code. Based on the samples analyzed, Windows Server 2003 systems are not currently at risk from these attacks. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary," the advisor says.
However, until then, it is advising those with affected PCs to use a
one-click Fix-It tool to disable the Help Centre Protocols: http://support.microsoft.com/kb/2219475Alternatively, Windows XP users can disable HCP manually. Click the Start menu, followed by Run. Type regedit and press ok. Highlight the HCP key after expanding the HKEY_CLASSES_ROOT folder. Then right click on the HCP key and select Delete.
(PCW)