Barney's Blog

Blog archive

Windows Help Needs Help

The help system for Windows XP and Server 2003 has a flaw that could (but hasn't yet) allow remote code execution exploits. For the attack to work, a user will have to visit a malicious Web site or click a bad link in a spam message.

The flaw was discovered by Google which blasted Microsoft for waiting to release the information. Correct me if I'm wrong, but disclosing an unpatched flaw is an open invitation to hackers, n'est-ce pas?

What do you think? Should flaws be publicized before there's a remedy? Send me a malicious-code-free e-mail with your thoughts to dbarney@redmondmag.com.

Posted by Doug Barney on 06/14/2010 at 1:17 PM


Featured

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.