Microsoft to XP Users: Don’t Press F1

microsoft to xp users dont press f1 geoff s key

On the heels of a Google engineer finding a security vulnerability that had been lurking in Microsoft Windows’ Virtual DOS Machine for 17 years, another doozy has turned up: Microsoft has issued a security advisory for Windows 2000, Windows XP, and Windows Server 2003 that just pressing the F1 key—you know, for help—while using Internet Explorer could trigger a VBScript vulnerability that could enable attackers to take over the machine.

“The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer,” Microsoft wrote in the advisory. “If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.”

In theory, the flaw could be exploited by attackers passing malware disguised as a Windows Help (“.hlp“) file. Exploiting the issue does require that the attackers somehow convince users to press the F1 key to trigger the vulnerability. The flaw impacts Internet Explorer 6, 7, and 8 on the affected operating systems; Windows Vista and Windows 7 are not vulnerable.

“As an interim workaround, users are advised to avoid pressing F1 on dialogs presented from Web pages or other Internet content,” said Microsoft Security Response Center’s David Ross, in a Technet blog post.

Microsoft has expressed dismay that the vulnerability was made public before a patch could be developed and deployed to mitigate the risk. Typically, security researchers report flaws to vendors privately so a workaround can be tested and released before announcing the flaw to the broader world where attackers and cybercriminals might move quickly to exploit it.

Product Review

It's not the sharpest tool, but the Surface Go does it all for $400

Microsoft has launched the $400 Surface Go to take on both the iPad and Chromebooks, all without compromising its core focus on productivity. Does it work as both a tablet and a PC?
Computing

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Computing

Protect yourself from the latest malware with the best free antivirus software

Malware, spyware, and adware is never fun to find on your PC. Check out our picks for the best free antivirus software, so you can rid your system of any dangerous software that might be lurking around.
Emerging Tech

An A.I. cracks the internet’s squiggly letter bot test in 0.5 seconds

How do you prove that you’re a human when communicating on the internet? The answer used to be by solving a CAPTCHA puzzle. But maybe not for too much longer. Here is the reason why.
Computing

Qualcomm’s dual-screen PC concept looks like two connected Surface Go tablets

In Qualcomm's video teaser, we got a glimpse of the company's vision for how a dual-screen ARM PC should work. The internet reacted to Qualcomm's video, calling the device in question merely a mashup of two Surface Go tablets.
Deals

Check out the best Green Monday deals for those last-minute gifts

Black Friday and Cyber Monday have come and gone, but that doesn't mean you've missed your chance of finding a great deal. We're talking about Green Monday, of course, and it falls on December 10.
Computing

Hololens 2 could give the Always Connected PC a new, ‘aggressive’ form

Microsoft is said to be leaning on Qualcomm to power its Hololens 2 headset. Instead of Intel CPUs, the next Hololens could use a Snapdragon 850 processor, allowing it to benefit from the always-connected features.
Computing

Chrome’s dark mode may cast its shadow over Macs by early 2019

By early 2019 Google may release a version of Chrome for Mac users that offers a Dark Mode feature to match MacOS Mojave's recent darkening.
Computing

These laptop bags will keep your notebook secure wherever you go

Choosing the right laptop bag is no easy feat -- after all, no one likes to second-guess themselves. Here are some of the best laptop bags on the market, from backpacks to sleeves, so you can get it right the first time around.
Home Theater

Step aside set-top boxes, the best streaming sticks are tiny and just as powerful

Which streaming stick reigns supreme? We pit the Chromecast and Chromecast Ultra against the Roku Premiere, Roku Streaming Stick+, and the Amazon Fire TV Stick 4K to help you decide which one will be the best fit in your living room.
Computing

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.
Computing

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.
Computing

Is your PC slow? Here's how to restore Windows 10 to factory settings

Computers rarely work as well after they accumulate files and misconfigure settings. Thankfully, with this guide, you'll be able to restore your PC to its original state by learning how to factory reset Windows.