New Windows XP Vulnerability – How To Fix It

There’s a new vulnerability in Windows XP concerning parts of the Help and Support system. It was found by a Google researcher who posted the flaw just five days after talking with Microsoft about it. Evidently Microsoft wasn’t addressing the issue fast enough for him, raising a bit of a backlash from the community for not giving Microsoft time to respond.

Whatever the case, the exploit is now in the wild and XP machines are vulnerable to drive-by attacks on evil web sites.

It affects Windows XP’s Help and Support functions. Anything using the HCP protocol (hcp:// URI’s) is subject to unauthorized commands.

The easiest way to fix it is to go to Microsoft’s ‘Fix it’ page. You can fix it and, if you don’t like what happens, unfix it from the same site. Pretty cool.

This can also be manually done by following these simple directions:

  1. Click Start, and then Run.
  2. Enter regedit, and click OK.
  3. Expand HKEY_CLASSES_ROOT, and then highlight the HCP key.
  4. Right-click and Export the ‘Selected Branch’ to be on the safe side.
  5. Right-click the HCP key, and then click Delete.

I read that it may cause some problems in your Control Panel, but I’ve tried most of the links and everything seems to be working on my XP computer.

[Editor’s Note: This vulnerability was fixed in this month’s Windows Update (July 13th), so make sure your computer is set to update Windows automatically or open your IE browser and go to Tools/Windows Update to download the security patch]