Don't Press F1 Key: New Malware Targets Internet Explorer

Dennis Faas's picture

According to a report by Microsoft, a new security hole has emerged in older versions of Windows systems running Internet Explorer. Hackers could use the vulnerability to take control of a user's system.

The flaw has been found in systems running Windows 2000, Windows XP, and Windows Server 2003. Microsoft says the issue is tied to the way that Visual Basic Scripting, or VBScript -- which is used for executing functions found in web pages -- is linked with Windows Help files.

Fake Dialog Box Requests Users Hit F1

In the case of an attack, a victim using Windows 2000, XP, or Server 2003 would only need to visit a malicious web site where a dialog box would be presented, enticing users to press their F1 key. Once the key is pressed, the system is hijacked and malware is installed on the computer. (Source:

Typically, the F1 key is used to initiate the help function, so a play on this scenario may be employed by the hacker(s) involved in such a scheme.

Users who've upgraded to more recent versions of Windows, including Windows Server 2008, Windows Vista, and the new Windows 7, will not be affected by the vulnerability.

Microsoft Provides Workarounds

Microsoft has provided a security advisory that outlines a number of workarounds for users of Windows XP or Windows 2000.

The first and most obvious is to not hit the F1 key when prompted by any web site, since this is rarely a normal procedure when visiting a website. Secondly, users can restrict access to the Windows Help System, and they can also set their security settings to "high" in order to block ActiveX Controls and Active Scripting associated with the ploy. (Source:

If users come across a site that asks them to click F1, it is recommended to use the Windows Task Manager by pressing CTRL + ALT + DEL on the keyboard, then select the Internet Explorer task using the mouse, and end it by pressing the DEL key.

Rate this article: 
No votes yet