Microsoft urges patching of Support Centre flaw

Microsoft has again urged users to patch the Help and Support Centre flaw in Windows XP discovered by a Google researcher, revealing that over 25,000 computers in over 100 regions have reported attack attempts at least once.

The flaw was disclosed last month by Google security engineer Tavis Ormandy, but security experts were quick to denounce his actions in disclosing before Microsoft had time to develop a fix.

Microsoft first warned of the increasing threat from the vulnerability two weeks ago when Holly Stewart, a senior program manager with Microsoft's Malware Protection Centre (MMPC), wrote in a blog post that the company had seen over 10,000 PCs hit by related attacks.

In an updated post on the MMPC Threat Research and Response blog, Stewart stressed the importance of applying the critical update for the flaw made available in yesterday's Patch Tuesday.

"A few weeks ago, MMPC reported seeing automated attacks that were identified by the signatures we had deployed in our protection products. These attack attempts have continued to expand and some new attack patterns have come into play," she said.

"As of midnight on July 12 (GMT), over 25,000 distinct computers in over 100 countries/regions have reported this attack attempt at least one time."