Microsoft Help Files (.CHM): 'Locked File' Feature Bypass

Microsoft Help Files (.CHM): 'Locked File' Feature Bypass, Versions Affected: Windows XP, Windows Vista, Windows 7. Changes made with Windows XP introduced additional origin validation for files downloaded from the Internet when saved to an NTFS volume. This 'feature' is present in Windows XP, Vista and 7. When a user downloads a .CHM file using Internet Explorer (or another browser) Windows will mark an NTFS meta-data flag for the file, which indicates the file should be "Locked". Locked Help Files will not render any content within the CHM file using the Help File Viewer (hh.exe) until a user selects the file in Explorer and clicks the "Unblock" button under the files properties, which resets the NTFS meta-data flag. This security feature can be bypassed by referencing external URI handlers from the CHM file's Table of Contents file, and links can directly accessed regardless of the help files locked state