There have been reports of attacks on computers from the internet via Internet Explorer…
===================================
“Microsoft is investigating new public reports of a vulnerability…on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer…”
Affected Software
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
———————————————————————-
“On Friday 2/26/2010, an issue was posted publicly that…an attacker…could convince a user to visit the web page and then get them to press the F1 key in response to a pop up dialog box….
“Anyone believed to have been affected can visit: http://www.microsoft.com/protect/support/default.mspx and should contact the national law enforcement agency in their country. Those in the United States can contact Customer Service and Support at no charge (for computer security related issues) using the PC Safety hotline at 1-866-727-2338 (PCSAFETY). Customers outside of the United States can visit http://support.microsoft.com/international to find local support information.”
———————————————————————–
“…Windows 2000 and Windows XP are impacted…Windows 2003 Server is also impacted…With this issue, it is possible for a malicious web page to display a dialog box which will trigger the execution of arbitrary code when the user presses the F1 key. The prompt can appear repeatedly when dismissed, nagging the user to press the F1 key. Platforms are affected regardless of the Internet Explorer version installed.”