Microsoft has issued a security advisory for Windows XP users that pressing the F1 key when prompted to online could put users at risk for a hack.
The F1 key vulnerability exists because of an un-patched vulnerability in Internet Explorer that would allow hackers to hijack the source PC.
Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.
Microsoft may supply a security patch for this vulnerability in an upcoming patch release. No date or confirmation of this patch is available.
Via network world