Tuesday 11 May 2004

MS Security Bulletins - 11 May

One MS Security Bulletin issued today.

Microsoft Security Bulletin MS04-015

Vulnerability in Help and Support Center Could Allow Remote Code Execution

This update resolves a newly-discovered vulnerability. A remote code execution vulnerability exists in the Help and Support Center because of the way that it handles HCP URL validation.

An attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. However, significant user interaction is required to exploit this vulnerability.

Please note that Microsoft recommends that the Help and Support Center Service has to be re-enabled before you can install this update. Therefore, if you are like me, you have to weigh the pros and cons of enabling Help and Support in order to patch it.

Microsoft says in Knowledge Base Article 841996 that a vulnerability does not exist unless the Help and Support Center Service is enabled. I have it disabled here and I will not be installing the patch. I would rather wait till Windows XP Service Pack 2 (though I probably still have to remember to enable the damned service before installing the Service Pack).
