The Windows Help and Support Center vulnerability (CVE-2010-1885) in numbers
The backstory: on June 10, the notorious Google engineer Tavis Ormandy (aka taviso) disclosed a vulnerability in the mechanism that validates hcp:// calls to the Microsoft Windows Help Center. He not only made the vulnerability public but also published the source code of the exploit. MS complained that he gave them too little time to close the vulnerability and that publishing it was a mistake in general, but I don't want to discuss the moral side here. A little later, an exploit appeared in the Metasploit repository.
A few days after taviso's announcement, MS published figures for the number of attacks they had recorded using this vulnerability.
The graph clearly shows an avalanche-like growth in the number of recorded attacks, yet even with its own statistics in hand, MS made no decision to issue an emergency update. Russia was among the leaders in the number of recorded incidents.
Win Server 2003 (x32 / x64) and Win XP SP2 / SP3 (x32 / x64) remained vulnerable for more than a month, but today the MS10-042 update, which closes this vulnerability, has finally been released.
On the eve of the patch release, MS updated this data, and it turned out to be even more interesting:
The total number of daily incidents has increased significantly, and in terms of the number of attacks, we overtook Portugal and moved into first place.