Microsoft Warns of XP Help Function Security Flaw
Microsoft has identified a potential security risk in the Help function of Windows XP. But there is some controversy over the way the issue has come to light.
This bug involves XP's Help and Support Center, and specifically a style of link which routes a browser to a help page built into Windows rather than to a web page. Such links begin hcp:// rather than the more familiar http:// and are a way of making it easier to give online help and advice, because writers can include direct links to Windows' own help pages.
Whitelist Help Pages Spoofed
Tavis Ormandy, an information security engineer for Google, says he's found a security hole. In theory any click on an hcp:// link checks the target page against a "whitelist" of genuine help pages to make sure links can't be used to route users to malicious content.
Ormandy says that by following a particular process, which is admittedly somewhat complex, a would-be hacker could get round this whitelist check and trick users into running the malicious content. It appears that the issue could be exploited from any web browser, but the risk is higher for users of Internet Explorer.
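Because the weakness lies in what happens once an hcp:// link is followed, one practical defensive control is to spot such links before they reach a user, for example in a mail gateway or web proxy filter. The following is an added example written for this article, not code from Microsoft or from Ormandy's report: it pulls link-bearing attributes out of HTML and flags any whose scheme resolves to hcp, including a few encodings (mixed case, surrounding whitespace, tab characters, HTML entities) that a plain string match for "hcp://" would miss. The sample HTML and the help-page paths in it are constructed for the example and are not real Help Center locations.

```python
import re
from html.parser import HTMLParser

# Attributes that can carry a URL the browser will follow or load.
_URL_ATTRS = {"href", "src", "action"}


class _LinkCollector(HTMLParser):
    """Collect raw attribute values that may contain a URL.

    HTMLParser decodes entities in attribute values, so an encoded
    scheme such as h&#99;p:// arrives here already as hcp://.
    """

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in _URL_ATTRS and value is not None:
                self.links.append(value)


def extract_links(html):
    """Return every href/src/action value found in the HTML, in document order."""
    collector = _LinkCollector()
    collector.feed(html)
    collector.close()
    return collector.links


def scheme_of(url):
    """Return the lower-cased URL scheme as a browser would interpret it.

    Browsers drop leading/trailing whitespace and ignore tab, CR and LF
    anywhere in the URL, so the same normalisation is applied here before
    the scheme is read.  Returns "" when no scheme is present.
    """
    cleaned = "".join(ch for ch in url if ch not in "\t\r\n").strip()
    match = re.match(r"^([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    return match.group(1).lower() if match else ""


def find_hcp_links(html):
    """Return the raw link values whose effective scheme is hcp."""
    return [link for link in extract_links(html) if scheme_of(link) == "hcp"]


# Constructed sample content; the hcp paths are placeholders, not real help pages.
SAMPLE_HTML = """
<p>Need help? See the <a href="http://example.com/help">online guide</a>.</p>
<a href="hcp://example-help-page">plain hcp link</a>
<a href="HCP://Example/Page">mixed-case scheme</a>
<a href="  hcp://leading-space">whitespace before scheme</a>
<iframe src="h&#99;p://entity-encoded"></iframe>
<a href="h&#9;cp://tab-inside">tab inside scheme</a>
<a href="mailto:someone@example.com">contact us</a>
"""

if __name__ == "__main__":
    for hit in find_hcp_links(SAMPLE_HTML):
        print("flagged hcp link:", repr(hit))
```

Flagging rather than silently dropping the links keeps the decision with the operator; in an environment that genuinely relies on hcp:// links from intranet pages, the same function can drive an allow-list of known internal sources instead.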
Microsoft Gets Five-Day Head Start
Google's Ormandy has now published details of the problem, and how it could be exploited, on a security website known as Full Disclosure. That's not gone down well with everyone, as the posting came just five days after Ormandy informed Microsoft about the issue.
Microsoft requests that people in the security industry operate a policy dubbed "responsible disclosure" by which they do not publicize details of security flaws until Microsoft has a full fix in place. Of course, there's no way for Microsoft to enforce that request, and some researchers argue that it's in the public interest to get details out as soon as possible.
Ormandy argues that he needed to discuss the bug with other security researchers so that he could find a way to prove that it really could be exploited; without such proof, he believes his report would not have been compelling enough for Microsoft to take any notice (partly because Microsoft deals with so many potential bugs).
However, according to Ormandy, such discussion would have been impossible if he stuck to Microsoft's disclosure policies. (Source: seclists.org)
Microsoft is investigating fixes to the bug. In the meantime it has published details of how users can disable the hcp:// link feature if they are concerned about potential abuses. (Source: microsoft.com)