“Help & Support” Exploit Used On 10,000 Systems

Nearly a month after a Google engineer (shame) irresponsibly disclosed details of a new Windows XP flaw, criminals are ramping up online attacks that leverage this bug.  Microsoft reported Wednesday that it has now logged more than 10,000 attacks.   At first it was only legitimate researchers testing proof-of-concept code.   Then on June 15th, the first real public exploits began to emerge.

“Those initial exploits were targeted and fairly limited.  In the past week, however, attacks have picked up.”  The attacks, which are being launched from malicious Web pages, are concentrated in the U.S., Russia, Portugal, Germany and Brazil, Microsoft said.   PCs based in Russia and Portugal, in particular, are seeing a very high concentration of these attacks.

To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.