Contents

Home

About

Archives

Search

Gallery of Onscreen Help

Special Reports

Stikkit's screencasts

Ionic Breeze UI Text

LodgeNet Help

Using Background images

Sidekick's hints

EyeTV Setup Assistant

Help is the Last Resort

Reading Usable Help

Facebook page

@UsableHelp on Twitter

Flipboard magazine

Subscribe via email

Google+

App.net broadcast

RSS Feed

Random Gallery Image

Usable Help is written by

Gordon R. Meyer

Copyright 2002-2015

Favorite Sites

WritersUA

One Man Writes

Liz Danzico

A Techie Tech Writer Blog

User Assistance

Accelerated Authoring

Usability in the News

I'd Rather Be Writing

Just Write Click

InfoDesign News

Capulet

The Content Wrangler

Scott on Writing

Rahul Prabhakar

Noise Between Stations

CIDM

Favorite Books

Designing Interactions

The Nurnberg Funnel

Minimalism Beyond

Don't Make Me Think

The Humane Interface

Grammar Girl's Quick and Dirty Tips for Better Writing

Developing User Assistance for Mobile Apps

Sponsored Links

Hosted By

MS Help Center exploit

Marketers, reviewers, and many customers love "multimedia" help systems. It's true that, done well, graphical and interactive elements can greatly enhance instructional material. Movies that demonstrate complex tasks, pictures that are "worth a thousand words," and automated actions that let users complete tasks easier and more accurately. All valuable tools in creating Help that moves beyond the "onscreen book" approach.

But flexibility and power bring complexity and, sometimes, vulnerability. Displaying some text and pictures is safe and easy, but providing all the features needed for the Help to be nicely integrated and "smart" can be problematic. Case in point, this article at The Register describes a security hole introduced in Microsoft's Help Center. Clicking a specially-formed URL can wipe out the contents of a directory on your hard drive. Ouch.

Posted: November 15, 2002 link to this item, Tweet this item, respond to this item