Microsoft Scrambles To Fix New Security Vulnerability


InformationWeek SMB: Microsoft Scrambles To Fix New Security Vulnerability

The vulnerability, which exploits linking to the Microsoft Help Center and could effect other software, including e-mail, can be fixed by disabling the HCP Protocol. That breaks all links to the Help Center, however. Microsoft may issue a patch separate from its regular monthly security updates.


“Microsoft was left racing to patch a Windows Help and Support Center vulnerability after Tavis Ormandy, an information security researcher who’s charged with keeping Google’s products secure, Thursday publicly disclosed both the bug as well as proof-of-concept attack code.

Ormandy reportedly informed Microsoft of the vulnerability on Saturday, June 5, and Microsoft acknowledged receipt the same day. Five days later, however, Ormandy went public with a posting to the Full Disclosure mailing list. Later that day, Microsoft issued its own vulnerability announcement.”

Small Business Computing Staff
Small Business Computing Staff
Small Business Computing addresses the technology needs of small businesses, which are defined as businesses with fewer than 500 employees and/or less than $7 million in annual sales.

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.