Sanjay Katkar

Windows XP users do not press F1 if prompted by a website

March 3, 2010
Estimated reading time: 1 minute
As Abhijit Kulkarni yesterday blogged about the .HLP vulnerability in Windows XP. See details below in his blog. I observed that Microsoft has rated this vulnerability as “Medium risk” as it needs user intervention. We are monitoring for any malicious exploit of this vulnerability being made by any malware.

I see no reason why this vulnerability will not be exploited and hence recommend all our users to avoid pressing F1 in Windows XP when using the browser. If a website is showing a prompt or asking users to press F1 to perform certain activity, there may be chance that the website is infected by a malware exploiting this vulnerability.

If anybody comes across such website which is asking to press F1 repeatedly, please report it to us on viruslab at quickheal dot com

Have something to add to this story? Share it in the comments.

Sanjay Katkar
About Sanjay Katkar
Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of Quick Heal Technologies Limited. He holds a Masters in Computer Science from University...
Articles by Sanjay Katkar »

No Comments, Be The First!

Your email address will not be published.