Windows Help Needs Help -- Redmondmag.com

Barney's Blog

Windows Help Needs Help

The help system for Windows XP and Server 2003 has a flaw that could (but hasn't yet) allow remote code execution exploits. For the attack to work, a user will have to visit a malicious Web site or click a bad link in a spam message.

The flaw was discovered by Google which blasted Microsoft for waiting to release the information. Correct me if I'm wrong, but disclosing an unpatched flaw is an open invitation to hackers, n'est-ce pas?

What do you think? Should flaws be publicized before there's a remedy? Send me a malicious-code-free e-mail with your thoughts to [email protected].

Posted by Doug Barney on 06/14/2010 at 1:17 PM

Featured

Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.
What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.