Critical Flaw Discovered in Windows XP/Server 2003
A critical vulnerability has been discovered in Windows XP and Server 2003. The vulnerability in Windows Help and Support Center allows hackers to take complete control of exposed machines when viewing a special webpage that exploits the bug.
Antivirus provider Sophos said “This malware downloads and executes an additional malicious component (Troj/Drop-FS) on the victim’s computer, by exploiting this vulnerability.”
It is recommended that XP and Server 2003 users consider disabling some features of Windows Help and Support until the issue is patched. Microsoft has an article here detailing how to do that.