<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d10668659\x26blogName\x3dOrganized+Individualists\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dSILVER\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://organizedindividualists.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://organizedindividualists.blogspot.com/\x26vt\x3d-2572478259347834530', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Do not press the button marked "Do Not Press"

No, really, don't press it.

"The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer," read the advisory. "If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user."

I'm not that down on Microsoft for this. XP is, after all, a ten-year old OS, so things like this will take longer to patch than for, say, Windows 7. But what makes Windows good, the interaction between the OS and Office, is what allows this to happen.

This entry was posted by Kevin Creighton, on 3.02.2010. You can leave your response.

“Do not press the button marked "Do Not Press"”
Organized Individualists is powered by Blogger and Blogger Templates. Theme is designed by Fauxzen