PCWorld: Microsoft Warns of New Bug Affecting IE Users
The vulnerability could allow hackers to install malicious code on effected computers, but there’s an easy work-around: don’t press the F1 key.
“Microsoft warned Monday of a new vulnerability that affects Internet Explorer users, saying that it could be exploited by hackers to install malicious software on a victim’s computer.
The flaw lies in the way Microsoft’s VBScript works with Windows Help Files in Internet Explorer. But for an attack to work, the victim must press the computer’s F1 key, Microsoft said. ‘Our analysis shows that if users do not press the F1 key on their keyboard, the vulnerability cannot be exploited.'”