Google researchers public disclosure of Windows XP error, Microsoft irks

Last Updated on November 22, 2018



Updated July 2022: Stop getting error messages and slow down your system with our optimization tool. Get it now at this link
  1. Download and install the repair tool here.
  2. Let it scan your computer.
  3. The tool will then repair your computer.

Tavis Ormandy, Google security researcher, discovered a vulnerability in Windows Help, which is the default application for accessing online documentation for Microsoft Windows.

Microsoft supports direct access to help documents via URLs by installing a protocol manager for the hcp schema, a typical example is included in the Windows XP command line reference and all details are documented here.

This issue was reported to Microsoft on June 5, 2010. Less than four days later, on June 9, 2010, he made it public.



July 2022 Update:

You can now prevent PC problems by using this tool, such as protecting you against file loss and malware. Additionally it is a great way to optimize your computer for maximum performance. The program fixes common errors that might occur on Windows systems with ease - no need for hours of troubleshooting when you have the perfect solution at your fingertips:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.

download



Disclosure of the details of this vulnerability and how to exploit it without giving Microsoft time to solve the problem now makes attacks more likely and endangers Windows XP users !(2)

Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 users are not vulnerable or at risk for this problem.

One of the main reasons why we and many others in the industry advocate responsible disclosure is that the software vendor who wrote the code is best able to understand the root cause. Although this was a good discovery by the Google researcher, it turns out that the analysis is incomplete and that the workaround suggested by Google can be easily bypassed. In some cases, it takes longer for a complete update that can not be avoided and does not cause quality problems, says Microsoft.

It is regrettable, even irresponsible, that the security researcher decided to make public without giving Microsoft time to correct this vulnerability.

customers can follow the instructions in Safety Advisory 2219475 to protect themselves from this problem.

UPDATE : Microsoft has released a FixIt to fix this problem.



Expert Tip: This repair tool scans the repositories and replaces corrupt or missing files if none of these methods have worked. It works well in most cases where the problem is due to system corruption. This tool will also optimize your system to maximize performance. It can be downloaded by Clicking Here