Microsoft issued a new Security Advisory for a flaw in the Windows Help and Support Center. The vulnerability affects Windows XP and Server 2003, Vista and 7 are unaffected.
This vulnerability allows the help links in the Help Center to be hijacked to run executables on the victim’s computer.
Unregistering the HCP Protocol prevents this issue from being exploited on affected systems.
For that you'll need to access the ROOT hive of your registry. If you don't know what that is or are not familiar with it, I suggest you don't mess with it. Doing so can render your computer useless.
So, you can do 2 things, delete the HCP Registry or Rename it.
As always, back up your registry first.
1.Click Start, click Run, type Regedit in the Open box, and then click OK
2.Locate and then click the following registry key: HKEY_CLASSES_ROOT\HCP
3. Click the File menu and select Export
4.In the Export Registry File dialog box, enter HCP_Procotol_Backup.reg and click Save.
Note This will create a backup of this registry key in the My Documents folder by default.
Then proceed to delete the registry key.
5. Press the Delete key on the keyboard to delete the registry key. When prompted to delete the registry key via the Confirm Key Delete dialog box, click Yes.
or rename it...
6. Right click the HCP key and click Rename on the pop up menu. Change it's name to something like "HCP-Offline" "HCP-Disable" or whatever you like.
And once there's notice that the issue is resolved just remember to go back and change it's name back to HCP.
Stay safe out there.
This vulnerability allows the help links in the Help Center to be hijacked to run executables on the victim’s computer.
Unregistering the HCP Protocol prevents this issue from being exploited on affected systems.
For that you'll need to access the ROOT hive of your registry. If you don't know what that is or are not familiar with it, I suggest you don't mess with it. Doing so can render your computer useless.
So, you can do 2 things, delete the HCP Registry or Rename it.
As always, back up your registry first.
1.Click Start, click Run, type Regedit in the Open box, and then click OK
2.Locate and then click the following registry key: HKEY_CLASSES_ROOT\HCP
3. Click the File menu and select Export
4.In the Export Registry File dialog box, enter HCP_Procotol_Backup.reg and click Save.
Note This will create a backup of this registry key in the My Documents folder by default.
Then proceed to delete the registry key.
5. Press the Delete key on the keyboard to delete the registry key. When prompted to delete the registry key via the Confirm Key Delete dialog box, click Yes.
or rename it...
6. Right click the HCP key and click Rename on the pop up menu. Change it's name to something like "HCP-Offline" "HCP-Disable" or whatever you like.
And once there's notice that the issue is resolved just remember to go back and change it's name back to HCP.
Stay safe out there.
RSS Feed
