Microsoft warned us today that Windows XP users must not press the F1 key when prompted by a Web site. Microsoft comfirmed the unpatched bug in VBScript that the Polish researcher Maurycy Prodeus had revealed Friday. The vulnerability exist in the way what VBScript interacs with Windows Help files in Internet Explorer.
Not only IE6 but also IE7 and IE8 are vulnerable on operating systems Windows 2000, XP and Server 2003. Until the bug is patched users can only protect themself by not pressing the F1 key in Internet Explorer.
Computer users running Windows Vista, Server 2008, 7 and Server 2008 R2 are safe from such attacks Microsoft said.