6 comments
Guru

Join Date: Feb 2006
Posts: 1763
Good Answers: 6

Avoid F1 key While On The Internet

07/07/2010 8:23 AM

I have recently received this alert:

CVE-2010-0483

(under review)

Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings

Description
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."



*****************

Microsoft Security Advisory (981169)

Vulnerability in VBScript Could Allow Remote Code Execution

Published: March 01, 2010 | Updated: April 13, 2010

Version: 2.0
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-022 to address this issue. For more information about this issue, including download links for an available security update, please review MS10-022. The vulnerability addressed is the VBScript Help Keypress Vulnerability - CVE-2010-0483.

**************

Is this a real alert or a hoax?

Register to Reply
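
Added example (not part of the original post or of Microsoft's advisory): a small Python check that flags VBScript `MsgBox` calls in a saved web page when they pass the fourth (helpfile) argument named in the CVE description, and labels it as a local, UNC or WebDAV reference. The function names and the sample page are constructed for illustration.

```python
import re

SCRIPT_RE = re.compile(r"<script\b([^>]*)>(.*?)</script>", re.I | re.S)
MSGBOX_RE = re.compile(r"\bMsgBox\b[ \t]*\(?", re.I)

def split_args(src):
    """Split a VBScript call's arguments on top-level commas."""
    args, depth, in_str = [""], 0, False
    for ch in src:
        if ch == '"':
            in_str = not in_str            # a doubled "" toggles twice
        elif not in_str:
            if ch in "\r\n:" or (ch == ")" and depth == 0):
                break                      # end of statement or of the call
            depth += (ch == "(") - (ch == ")")
            if ch == "," and depth == 0:
                args.append("")
                continue
        args[-1] += ch
    return [a.strip() for a in args]

def classify(arg):
    """Label the helpfile argument by the source named in the CVE text."""
    if len(arg) < 2 or arg[0] != '"' or arg[-1] != '"':
        return "dynamic"                   # not a literal: review by hand
    if arg.startswith('"\\\\'):
        return "unc"
    if re.match(r'"https?://', arg, re.I):
        return "webdav"
    return "local"

def find_helpfile_msgbox(html):
    """Return (kind, argument) for each MsgBox call with a helpfile argument."""
    findings = []
    for attrs, body in SCRIPT_RE.findall(html):
        if "vbs" in attrs.lower():         # only VBScript blocks
            for m in MSGBOX_RE.finditer(body):
                args = split_args(body[m.end():])
                if len(args) >= 4 and args[3]:
                    findings.append((classify(args[3]), args[3]))
    return findings

# Constructed sample page; hosts and file names are placeholders.
SAMPLE = r'''<script language="VBScript">
MsgBox "Saved.", 64, "Status"
MsgBox "Details", 0, "Info", "\\files.example.invalid\pub\notes.hlp", 1
x = MsgBox("More", 0, "Info", "http://dav.example.invalid/notes.hlp", 1)
</script>
<script type="text/javascript">alert("a, b, c, d");</script>'''
```

A helpfile argument in a `MsgBox` call on a web page is unusual enough that any hit is worth a manual look, whatever the label.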

Comments rated to be Good Answers:

These comments received enough positive ratings to make them "good answers".
Guru
United States - Member - New Member Engineering Fields - Electrical Engineering - New Member

Join Date: Jul 2008
Posts: 1160
Good Answers: 36
#1

Re: Avoid F1 key while on the Internet

07/07/2010 9:03 AM

This is what snopes has to say about the F1 key and Internet Explorer:

"Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008...

"The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user."

It goes on further to state that "this vulnerability was addressed in an April 2010 Microsoft security update." Only computers running Microsoft Windows 2000, Windows XP, or Windows Server 2003 without automatic updates (or those who have not updated since April 2010) are at risk.

Takeaways:

  1. Do not do anything a website says to do unless it is a trusted source.
  2. Keep up-to-date on your updates.
  3. Even if you are up-to-date on updates, use common sense when perusing the internet (security risks can evolve faster than people can create patches for them).
Register to Reply Good Answer (Score 3)
Guru

Join Date: Feb 2006
Posts: 1763
Good Answers: 6
#2
In reply to #1

Re: Avoid F1 key while on the Internet

07/07/2010 9:23 AM

Thanks

Register to Reply
Guru
Popular Science - Weaponology - bwire Hobbies - Car Customizing - New Member

Join Date: Dec 2007
Location: Upper Mid-west USA
Posts: 7503
Good Answers: 96
#3

Re: Avoid F1 key While On The Internet

07/09/2010 6:18 AM

Why would one press F1 while online?

__________________
If death came with a warning there would be a whole lot less of it.
Register to Reply
Commentator
United States - Member - Preserve and protect...

Join Date: Nov 2005
Location: First, DO NO HARM!
Posts: 78
Good Answers: 4
#4
In reply to #3

Re: Avoid F1 key While On The Internet

07/09/2010 8:22 PM

Why press F1 online?

Consider some rather innocuous website returned as a "sponsored link" from a trusted search engine but one having no readily apparent sense to its layout or function; one which WAS accessed by a well-intended but naive surfer, someone looking for an answer to their query-of-the-day the best way they knew how, but one which was intended to be anything BUT helpful.

E.G.: One selected unwittingly by "one" who decided to "google it" the best they could on their own - as many "gurus" on this website chastise others for NOT doing - as if, well, that's OT.

Fools are NOT born every minute, I submit; they get that way because others are too haughty to warn them of their foolishness in such a way that neither of them are denigrated but both of them become more enlightened. Also OT.

Meanwhile, so as not to be OT yet not to NOT answer your OT query AND the OP: the snopes advice is EXCELLENT.

I offer the following in addition:

(1) Update manually from MS (daily from AV), about 1-week from the END of the month. Turn AutoUpdate OFF and ignore the cautions, ignore MS Tuesday or Thursday or any other MS day ending in "y." Despite their disclaimers, MS has no way to test all updates for the combinations of software and hardware extant and should not be trusted to do so. Give the update process time - i.e. let someone ELSE debug the "updates" - but then take responsibility for doing the update yourself AFTER the dust settles. It's like taking responsibility for not driving drunk, for not loaning your car keys to a "distraught" stranger knocking on your window, for not... you get the point. Protect yourself, but don't resolve to live in a cave without being willing to surrender satTV. There's a challenge there.

(2) Err on the conservative side; look at not the Google-label but the http shown by hovering over it; and PLEASE accept no cookies from anyone or anything outside the http (set "accept no 3rd party cookies" in IE). If that results in a "Done" in the lower left corner of IE's window - and nothing on the screen - don't DON'T do anything other than close that window/tab and go to the NEXT google return. Be prepared to miss a few "legitimate" returns for the sake of not getting "sucked in" by the many unscrupulous ones. I pay my electric bill by mail because their web-pay requires accepting a 3rd-party cookie - "webtrendslive" if I remember correctly - which I refuse to do. Their "save the trees and get your bill online" rings hollow to me.

(3) If you can't understand how to navigate or negotiate a website, DON'T PLEASE DON'T hit F1, hit "X" because esoterics are for poets, not surfers: If you need help to use the website, you are probably NOT the intended end-user, you are probably just an intended victim. If your eMail is filled with "Returned Mail" notices, please PLEASE just review your "Sent Items" folder and use your HEAD.

Regards.

__________________
Pessimists are rarely disappointed; optimists are rarely celebrated; pragmatists are neither pessimists nor optimists, and are therefore never wholly right or wrong. -- Anon
Register to Reply Off Topic (Score 5)
Guru
Popular Science - Weaponology - bwire Hobbies - Car Customizing - New Member

Join Date: Dec 2007
Location: Upper Mid-west USA
Posts: 7503
Good Answers: 96
#5
In reply to #4

Re: Avoid F1 key While On The Internet

07/10/2010 5:31 AM

Wow...

Anyway I asked because there is a proper F key to use when online and wanting to securely exit a site or an executable pop-up but it's not F1.

I'm curious so humor me

__________________
If death came with a warning there would be a whole lot less of it.
Register to Reply Off Topic (Score 5)
Commentator
United States - Member - Preserve and protect...

Join Date: Nov 2005
Location: First, DO NO HARM!
Posts: 78
Good Answers: 4
#6
In reply to #5

Re: Avoid F1 key While On The Internet

09/03/2010 9:32 PM

Sorry it took so long to respond; more sorry that we're both officially "OT" BUT:

Many Windows users are acclimated to the F1 key as "Help." Most IE users are used to the "X" button in the top right corner to, as you say, "securely exit a site or an executable pop-up..."

I shouldn't have assumed that everyone was a Windows or IE user when I posted that precaution. Apologies to all, but I hope at least that I answered your query.

__________________
Pessimists are rarely disappointed; optimists are rarely celebrated; pragmatists are neither pessimists nor optimists, and are therefore never wholly right or wrong. -- Anon
Register to Reply
Users who posted comments:

bwire (2); euhodos (2); Haajee (1); Jaxy (1)
