The Latest Internet Explorer 0Day

As it happens: I have been skiing last week (the weather was gorgeous) and now I am back (unfortunately) and confronted with the next Internet Explorer 0Day vulnerability, which already causes noise – in my opinion too much for the real technical problem. If you read the blog post of the Microsoft Security Response Center called Investigating a new win32hlp and Internet Explorer issue, you will find the following facts – as far as we know them by now:

  • The user has to be tricked into pressing F1 in response to a Pop-Up (no automation)
  • We are not aware of any attacks exploiting this issue
  • It is Windows XP “only”

This leads me back to the discussions I had with customers over the last few weeks: Windows XP was released 31. December 2001 – 8 years ago. If you would give it 2 years development and engineering time, we are talking of a 10 year old operating system. During a discussion a friend of mine said “your are not driving a 10 years old car neither” – which is not accurate. If you look how the threat landscape developed on the Internet over the last 10 years, you should probably compare it with a 50 years old car. The real problem with Windows XP in my opinion is, that it is rock-solid – but in my opinion not suited anymore for today’s threats. As you have a great alternative now – you should definitely consider moving to Windows 7. And you should move from IE 6 (if you are still there) to IE8!!

If I would have one wish to you from a security perspective: Move to the latest version of your software – everywhere (knowing that this is not an easy task to do)


Comments (1)

  1. Bitwiper says:

    IMO it is a bad thing that a Chief Security Advisor mixes security with commercial propaganda.

    In particular because this vulnerability is not XP only (any OS with WinHlp32.exe installed), applies to any browser version including IE8 (but it *is* IE-only), and last but not least, XP SP3 is not 10 years old.

    Furthermore you can bet on the fact that any-color-hats are now looking for similar exploits that do not require WinHlp32. I hope they’re white when they find things.

Skip to main content