Apparently, a hacked website is using the bug in Windows' Help and Support Center as a "drive-by" attack, hijacking PCs that are running Windows XP. A drive-by attack is one that will affect your PC if you simply visit a website, as opposed to those that trick users into running code on their machine via fake emails or infected programs.
Microsoft declined to name the specific site that was serving the exploit, though they did say it was a site dedicated to open source software. The exploit has since been shut down.
The bug, however, published last week by Google security engineer Tavis Ormandy, remains unpatched in XP. Of course, Ormandy published the damn thing, complete with proof-of-concept attack code, less than a week after he reported it to Microsoft, leaving the Redmond company with little time to patch it before it was made public.
Ormandy claims he released it so quickly because Microsoft wouldn’t commit to a release schedule within 60 days, though Microsoft claims that they were going to give Ormandy a release date by the end of the week, and were surprised when he published the bug so quickly.
Regardless of whether or not Ormandy should have published or waited, the exploit is now public, and it’s being used. So if you’re running XP, we suggest you hit the Microsoft site to read the security advisory for a manual fix, or download the “Fix It” tool they published that should help block attacks until an official patch is released.