Alert

Microsoft Windows Help and Support Center Vulnerability

Last Revised

US-CERT is aware of a vulnerability affecting the Mircosoft Windows Help and Support Center. This vulnerability is due to improper sanitization of hcp:// URIs. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands.



US-CERT encourages users and administrators to review Vulnerability Note VU#578319 and implement the workarounds to help mitigate the risks and reduce attack vectors.



US-CERT will provide additional information as it becomes available.

This product is provided subject to this Notification and this Privacy & Use policy.