Microsoft investigates HTML help flaw

Another critical hole has been found in Microsoft's standard help system. A hole was patched a few weeks ago; this time there is a published report on the Internet and a proof-of-concept exploit. The flaw lets attackers use a buffer overflow to run malicious code. Microsoft officials say the hole is limited to computers with the help development tools installed, but the investigation isn't finished.

For more on the flaw:
- check out this eWeek article

ALSO: Confidential data sent to wrong company--for 15 months. Article