MUST SHARE THIS…………..
Subject: Virus warning F1 key
Microsoft has announced a new virus is making the rounds.
It pops a box up on your screen and tells you to press F1 for further help when you visit an infected website. Pressing F1 downloads and engages the virus.
Microsoft said a patch for the virus won’t be ready until March 9th, at the earliest, so they’re putting out this warning to tell everyone that if you are prompted to press F1, ignore it, no matter how many times it continues to pop up and remind you
The Virus warning message purportedly from Microsoft advises people not to press F1 key for further help while visiting an infected website, as it can download and engage the virus.
It is a fact that Microsoft did issue such a warning in their Security Advisory back in March 2010, when they realized the vulnerability in their VBScript could allow remote code execution.
The vulnerability could allow remote code execution if a malicious Web site displayed a specially crafted dialog box on a Web page and a user pressed the F1 key, causing the Windows Help System to be started with a Windows Help File provided by the attacker. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
However, this vulnerability was only applicable to operating systems of Microsoft Windows 2000, Windows XP, and Windows Server 2003. Moreover, in April 2010, Microsoft addressed this vulnerability with a Security Update. So this virus warning not to press F1 key for help is out dated now. It is just that the old warning messages are still circulating online, without disclosing the complete facts. Note that the users of aforementioned operating systems who do not have automatic updates enabled and did not manually apply any security updates since April 2010 can be at risk of this F1 key exploitation. Such users should update their operating system.
Hoax or Fact:
Fact with some misinformation.
Microsoft Security Advisory (981169)
Microsoft Security Bulletin MS10-022 – Important