A high-risk vulnerability has been detected in Microsoft systems, which could be exploited to spread a new virus or worm, a Symantec advisory has warned.
Symantec told users to patch their machines immediately to avoid any adverse effects. The patch can be downloaded from the Microsoft site at http://www.microsoft.com/security/security_bulletins/200405_windows.asp. Symantec analysts have rated this vulnerability as a high risk, because of its potential impact if exploited successfully.
The vulnerability is in the Help and Support Center (HSC) of Microsoft Windows, which is a feature in Windows that provides help on a variety of topics, such as downloading software updates. If exploited, the HSC vulnerability could allow remote code execution, allowing an attacker to gain complete control of an affected system. This would allow the attacker the ability to install programs, view or change information, or create new accounts with full privileges.
Windows operating systems that are affected include Microsoft XP and Microsoft Server 2003.
Users are encouraged to apply the security patch for the HSC vulnerability as soon as possible. Symantec reminded users that it is important to exercise caution when browsing the internet and when reading e-mail.
Written by Computing SA staff