MS.Windows.Help.Center.Protocol.Malformed.Escape.Sequence
Description
This indicates an attack attempt against a vulnerability in Microsoft Help and Support Centre.
The vulnerability is caused by the vulnerable software failing to sanitize malformed escaped sequences. It may allow a remote attacker to execute
arbitrary command via a crafted hcp:// URL.
Affected Products
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Impact
Security Bypass
Arbitrary Command Execution
Recommended Actions
Apply patch:
http://www.microsoft.com/technet/security/bulletin/ms10-042.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |