A new security advisory from the global technology leader Microsoft warns about a risk involving any version of Internet Explorer on Windows 2000 and Windows XP that can allow a malicious Web site to infiltrate your PC. The F1 key is normally designated to bring up help in Windows programs, including the operating system.
According to Microsoft’s advisory, the flaw is in the way VBScript processes help files in Internet Explorer. It means that in case a malicious Web site displays a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user.
ADVISE – Set security in Internet Explorer on the affected systems to “high.” as it will disable Active Scripting and keeps the VBScript code from executing. Also, in case you happen to come across a site that displays a message box that won’t go away that exhorts you to hit F1, log off or use the Windows Task manager to close IE