Microsoft Windows XP Help and Support Center HCP:// URL could be used to delete files

winxp-helpctr-delete-files (9878)

The risk level is classified as Medium Risk

Description:

A vulnerability in the Microsoft Help and Support Center HCP URI handler included with Internet Explorer on Windows XP could allow a remote attacker to delete files on another user's computer. A remote attacker could create a specially-crafted HCP:// URL to the uplddrvinfo.htm Help and Support Center page, which contains an ActiveX control that can be used to delete files. If the attacker could convince a victim to click this URL, the attacker could then delete files on the victim's computer.

Note: It may be possible for an attacker to exploit other vulnerabilities with the default Help and Support Center pages to perform other malicious actions on the victim's computer.


Consequences:

File Manipulation

Remedy:

Upgrade to Windows XP SP1, available from the Microsoft Web site. See References.

— OR —

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS02-060. See References.

References:

Platforms Affected:

  • Microsoft Internet Explorer 6.0
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home

Reported:

Aug 14, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@us.ibm.com
