Do Not Press F1 If Requested To Do So By A Website.

[Polaris573]

Microsoft is investigating a vulnerability in VBscript that occurs when a user presses "F1". The vulnerability makes use of an interaction between VBscript and the help files of Internet Explorer. Once "F1" is pressed malicious code can be executed in the security context of the logged in user. This security issue only applies to users of Windows 2000, Windows 2003 Server, and Windows XP; Windows Vista and Windows 7 users are not affected. There is no word yet from Microsoft on what would occur if malicious code was executed using the vulnerability.

View at TechPowerUp Main Site

 

[TIGR]

Ooh, this could get a lot of people.

Glad I switched to Firefox (not saying it's bulletproof either!).

 

[human_error]

PRESS F1 NOW TO POST A REPLY TO THIS TOPIC.

sorry, couldn't resist

 

[newtekie1]

I find it odd that after reading the thread title, it was very hard to not instantly press "F1"...

 

[Reefer86]

I find it odd that after reading that, it was very hard to not instantly press "F1"...

#lol

 

[mlee49]

Another reason to not use IE.

 

[pantherx12]

Posted to my facebook were its most likely to come in handy ( lots of stupid friends!)

 

[DrPepper]

Win vista and 7 aren't affected anyway which is what most of us use anyway

 

[BazookaJoe]

Win vista and 7 aren't affected anyway which is what most of us use anyway

Sorry mate, WinXP still accounts for almost 80% of systems running a Microsoft OS on earth.

Vista and 7 are still a distinct minority, when compared.

 

[newtekie1]

Sorry mate, WinXP still accounts for almost 80% of systems running a Microsoft OS on earth.

Vista and 7 are still a distinct minority, when compared.

Not exactly 80%, more like 60%. While Win7/Vista accounts for about 30% right now.

But I think he was refering to us here at TPU, the enthusiasts. Most of us are using Win7/Vista now.

 

[DrPepper]

Sorry mate, WinXP still accounts for almost 80% of systems running a Microsoft OS on earth.

Vista and 7 are still a distinct minority, when compared.

Referring to techpowerup users. Everyone outside of tpu are called "they"

 

[OneCool]

SWEET!!!

I did it and it opened a new tab in Firefox

 

[AphexDreamer]

Not going to lie, I hit F1 and got a new TAB in Chrome. IE should be banned, surprised Australia hasn't banned it yet.

 

[Black Panther]

Posted to my facebook were its most likely to come in handy ( lots of stupid friends!)

Thanks for the idea, done that myself now as well, for the sake of the rest of my family in Canada!

 

[AsRock]

Referring to techpowerup users. Everyone outside of tpu are called "they"

"they" some reason i found it funny..

Is it not more likely that people will press like telling a kid not to do some thing..

 

[Lillebror]

F1 is the new F5!

 

[mtosev]

another critical bug unpatched:

Unpatched critical flaws
On September 8, 2009, Microsoft skipped patching two of the five security flaws that were addressed in the monthly security update, saying that patching one of the critical security flaws was "infeasible".[95] According to the Microsoft Security Bulletin MS09-048, "The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4 to eliminate the vulnerability. To do so would require re-architecting a very significant amount of the Microsoft Windows 2000 Service Pack 4 operating system, [...] there would be no assurance that applications designed to run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system."

 

[t77snapshot]

Another reason to not use IE.

Exactly I wish IE would die, but that will never happen.

 

[audiotranceable]

PRESS F1 NOW TO POST A REPLY TO THIS TOPIC.

sorry, couldn't resist

Oh knowz. Oh wait I'm on firefox

 

[Steevo]

There have always been issues with help and the places it will take you. The only partial fix I have known of is to use user rights in a domain to prevent issues.

 

[newtekie1]

another critical bug unpatched:

Unpatched critical flaws
On September 8, 2009, Microsoft skipped patching two of the five security flaws that were addressed in the monthly security update, saying that patching one of the critical security flaws was "infeasible".[95] According to the Microsoft Security Bulletin MS09-048, "The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4 to eliminate the vulnerability. To do so would require re-architecting a very significant amount of the Microsoft Windows 2000 Service Pack 4 operating system, [...] there would be no assurance that applications designed to run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system."

It's Windows 2000, who the f*ck cares?

 

[mtosev]

i seen ppl still using win 2k.

 

[newtekie1]

i seen ppl still using win 2k.

People still using 2000 is more of a crime than Microsoft not patching the security flaw...

It is 10 years old at this point, anyone still running 2000 should consider themselves lucky they are even still getting security patches.

 

[Delta6326]

People still using 2000 is more of a crime than Microsoft not patching the security flaw...

It is 10 years old at this point, anyone still running 2000 should consider themselves lucky they are even still getting security patches.

and should be lucky there computer even turns on. i could never see a computer lasting that long they just break to easily

 

[Tartaros]

and should be lucky there computer even turns on. i could never see a computer lasting that long they just break to easily

My first computer still works flawlessy. And I still use it to play those games that are troublesome to play in an os newer than win98.

Being old doesn't mean it won't work.