Security Bytes

Jun 15 2010   6:08PM GMT

Malware exploiting Windows Help Center vulnerability



Posted by: Marcia Savage
Tags:
Microsoft Windows

Researchers at Sophos have detected malware that exploits the zero-day Windows XP flaw disclosed last week by a Google engineer.

Disclosure of the flaw, which is contained in the Windows Help and Support Center, a Web-based feature providing technical support to end users, renewed the old debate about responsible disclosure. Microsoft said the Google engineer, Tavis Ormandy, a bug hunter known for finding kernel-level operating system coding errors, only gave the software giant three days to investigate the flaw before publicizing it.

In a blog post, Sophos researchers said they discovered malware that exploits the vulnerability on Tuesday. The malicious code, which spreads via a compromised website, downloads and executes an additional piece of malware on a victim’s computer, they said.

In a separate blog post, Graham Cluley, senior technology consultant at Sophos, said Ormandy’s disclosure was irresponsible. “So my question to Mr Ormandy is this — do you feel proud of your behaviour? Do you think that you have helped raise security on the Internet? Or did you put your vanity ahead of others’ safety?” he asked.

Microsoft said in a Twitter message that it was aware of limited attacks exploiting the Windows Help vulnerability, and advised customers to apply the fix included its advisory last week.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: