Windows vulnerability in .HLP files revealed

By Justin Mann on April 11, 2007, 5:53 PM
The same day that various Office flaws were brought into the public light, yet another Windows vulnerability has been reported. This one could spell trouble, as it has the potential to cause code execution and ultimately system compromise. The problem, which McAfee reported, is in Windows help files. Currently, Microsoft's advice is to “use caution” :

Microsoft said it is aware of the issue and advises caution with ".hlp" files, which are as unsafe as ".exe," as both file types are executable, it said.
The scope of this flaw is probably limited, as .HLP files aren't exactly in abundance and aren't something most people expect to encounter. By that same token, they are also considered to be benign and something simple enough to be trusted.




User Comments: 2

Got something to say? Post a comment
howzz1854 said:
i just don't see any immediate danger here. how many people here actually use the "help" system in windows. in case one hasn't noticed, all they do is tell you the things you already know anyway.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.