Be aware of a newly discovered vulnerability in the Windows Help and Support Center function that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. (Vista, Windows 7 and Server 2008 users are not affected.)
This vulnerability was discovered and disclosed before Microsoft was given a chance to test and issue any patches, so it’s out there and the bad guys know it! Microsoft has issued a “Fix-It” that I strongly encourage you to apply!
Get the Fix-It.
More information from Gibson Research.
Update July 13, 2010
This one is fixed in today’s Microsoft Windows Update patch KB2229593.