Posterous theme by Cory Watilo

Ó jeeee - Microsoft: Don't press F1 key in Windows XP

Microsoft: Don't press F1 key in Windows XP

Ignore sites that nag to press the Help key, says zero-day bug advisory

March 1, 2010 08:59 PM ET


Computerworld - Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE).

In a security advisory issued late Monday, Microsoft confirmed the unpatched bug in VBScript that Polish researcher Maurycy Prodeus had revealed Friday, offered more information on the flaw and provided some advice on how to protect PCs until a patch shipped.

"The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer," read the advisory. "If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user."

Last week, Prodeus called the bug a "logic flaw," and said attackers could exploit it by feeding users malicious code disguised as a Windows help file -- such files have a ".hlp" extension -- then convincing them to press the F1 key when a pop-up appeared. He rated the vulnerability as "medium" because of the required user interaction.

Windows 2000, Windows XP and Windows Server 2003 are impacted by the bug, said Microsoft, and any supported versions of Internet Explorer (IE) on those operating systems -- including IE6 on Windows XP -- could be leveraged by attackers. Previously, Prodeus had said that users running IE7 and IE8 were at risk, but had not called out IE6.

Until a patch is ready, users can protect themselves by not pressing the F1 key if a Web site tells them to, said Microsoft.

"As an interim workaround, users are advised to avoid pressing F1 on dialogs presented from Web pages or other Internet content," said David Ross with the Microsoft Security Response Center (MSRC) engineering staff in a blog entry on Monday.

"The prompt can appear repeatedly when dismissed, nagging the user to press the F1 key," Ross added.

The security advisory made the same recommendation: "Our analysis shows that if users do not press the F1 key on their keyboard, the vulnerability cannot be exploited."

Users can also stymie attacks by disabling Windows Help. The advisory explained how to entering a one-line command at a Windows command-line prompt to lock down the Help system.

The company took Prodeus to task for taking the bug public, something it regularly does when researchers disclose a vulnerability or post sample attack code before a patch is available.

"Microsoft is concerned that this vulnerability was not responsibly disclosed, potentially putting customers at risk," said Jerry Bryant, a senior manager with the MSRC, in an e-mail. By Prodeus' account, he notified Microsoft of the flaw Feb. 1, about four weeks before publishing his findings.

Microsoft has not set a timeline for a fix, saying only that, "Microsoft will take the appropriate action to help protect our customers." The next scheduled security patch date for the company is March 9.

Although it does not rate the severity of vulnerabilities in its advisories, Microsoft noted that hackers exploiting the VBScript flaw using Windows Help and Internet Explorer could grab complete control of a Windows system.

Customers running Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 are safe from such attacks, Microsoft said.

Ez de szép

Using only Perl keywords (no literals or punctuation):[3]

not exp log srand xor s qq qx xor
s x x length uc ord and print chr
ord for qw q join use sub tied qx
xor eval xor print qq q q xor int
eval lc q m cos and print chr ord
for qw y abs ne open tied hex exp
ref y m xor scalar srand print qq
q q xor int eval lc qq y sqrt cos
and print chr ord for qw x printf
each return local x y or print qq
s s and eval q s undef or oct xor
time xor ref print chr int ord lc
foreach qw y hex alarm chdir kill
exec return y s gt sin sort split

Gamma error in picture scaling

There is an important error in most photography scaling algorithms. All software tested have the problem: The Gimp, Adobe Photoshop, CinePaint, Nip2, ImageMagick, GQview, Eye of Gnome, Paint and Krita. Also three different operating systems were used: Linux, Mac OS X and Windows. These exceptions have subsequently been reported: the Netpbm toolkit for graphic manipulations, the developping GEGL toolkit, 32 bit encoded images in Photoshop CS3, the latest version of Image Analyzer, the image exporters in Aperture 1.5.6, the latest version of Rendera, Adobe Lightroom 1.4.1, Pixelmator for Mac OS X and Paint Shop Pro X2.

Photographs that have been scaled with these software have been degradated. The degradation is often faint but probably most pictures contain at least an array where the degradation is clearly visible. I suppose this happens since the first versions of these software, maybe 20 years ago.

A photograph of His Holiness the Dalai Lama was tuned to exploit the problem. If you want to give it a try then scale it down 50% using your best software. (If you cannot download the image to your computer by right-clicking on it then either make a snapshot of the screen or download the image in this zipped file.)

The Dalai Lama

This is what you probably will get once the image is scaled by your software:



How much did you pay for that software? This is a scaling performed by a correct software, which evidently shows the same as the start image: