U.S. Flag Official website of the Department of Homeland Security

Microsoft Windows Help and Support Center Vulnerability

Original release date: June 10, 2010 | Last revised: October 23, 2012

US-CERT is aware of a vulnerability affecting the Mircosoft Windows Help and Support Center. This vulnerability is due to improper sanitization of hcp:// URIs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands.

US-CERT encourages users and administrators to review Vulnerability Note VU#578319 and implement the workarounds to help mitigate the risks and reduce attack vectors.

US-CERT will provide additional information as it becomes available.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top