Text scams are increasingly becoming common again due to the forthcoming Philippine national and local elections, as political campaigns take to rampant text messaging for faster political mobilization. Earlier, I received a text message with the following content:

May GOD bountifuly bles u & ur family. Have a blissful day Fr Frends of UNI-MAD Party List, United Movement Against Drugs no.181′Luv ur famly, say NO 2 drugs.

According to the Philippine National Statistical Coordination Board, the National Telecommunications Commission (NTC) reported an average of 250 million text messages sent daily in 2005. A more updated study reported an upsurge, which more than doubled the said figure in 2009, along with a growth in the number of mobile phone users (i.e., over 63 million).

Numbers such as these in a country known as the “text capital of the world” set the stage for the proliferation of texts scams such as one that features the following message:

CONGRATULATIONS!!!Your # WON TOYOTA AVANZA car w/ 300thou via electronic last Dec.21,2009. For details,please call now Rene Samonte. of Phil. Info. Center on this #.

As similar instances of text scams have already occurred in the past, it is best to take heed and be wary of your mobile phone activities before you fall prey to potential text scams.

Asking for help in Windows could lead to more trouble.

A newly discovered vulnerability in Internet Explorer (IE) leverages the ability of a Visual Basic script to invoke an .HLP (Windows Help file format) file, which could give a remote attacker the ability to run arbitrary code on an affected system.

Visual Basic uses the following syntax to call the MsgBox function, which is used to display message boxes:

MsgBox(prompt[,buttons][,title][,helpfile,context])

However, if a specially crafted .HLP file passes as a variable, remote users would be able to run arbitrary code on an affected system. To trigger the vulnerability, some user interaction is needed, as he/she has to be directed to the page hosting the exploit and to press F1 when the message box appears.

The exploit does not affect all versions of Windows. Systems running Windows 2000, Windows XP, and Windows Server 2003 are vulnerable. Those that run Vista, Server 2008, Server 2008 R2, and Windows 7 are not.

Microsoft is already aware of the issue and has issued the following statement:

Our teams are working to address the issue and once we complete our investigation, we will take appropriate action to protect customers. This may include releasing an update out of band. We will provide further updates as they become available.

In addition, it also released a security advisory that details several workarounds for the said vulnerability. For users, the most important advice is simple—do not press the F1 key when prompted by a website.

Until the official patch is released, however, Trend Micro Deep Security™ can help shield users from this vulnerability and Trend Micro OfficeScan™ users with Intrusion Defense Firewall (IDF) plug-in are also protected from this attack if their systems are updated with the IDF10-009 release and rule number IDF1004019.