Symantec today reported a new kind of attack that is exceptionally dangerous using Microsoft Help and Support Center Viewer. With this attack, hackers gain immediate access to the victims computer, rather than having to figure out a way to get the attack code to load (access to a start-up file, a reboot, social engineering).
An attacker tricks a victim into visiting a Web page that loads a binary file of malware via an arbitrary file-overwrite. It also overwrites a help system file, which has the power of executing scripts. The attacker uses this to execute the malicious binary file. Symantec says:
"It's worth noting at this point that in order for this attack to be successful the user must be logged in with Administrator privileges. However, since the standard Windows XP setup on stand-alone systems often has Administrator privileges enabled, and most users don't follow best practices to set up a limited user for general use, this attack may be possible on a large number of machines."