What happened to WinHelp?

Raymond Chen

Commenter winhelp (probably not his/her real name) wonders what happened to WinHelp.exe. I don’t know, but it turns out the answer was already known to the Internet. At the time the question was posted, the answer was already in the Wikipedia entry for Windows Help—it even had a citation! The question does highlight another one of those no matter what you do, somebody will call you an idiot dilemmas. On the one side, we have “Windows is already so big, what’s the harm in adding another megabyte to the size to add this feature that is rarely used, primarly by older applications, so that customers won’t have to download it?” On the other side, we have “Windows is too big, why not get rid of the components that exist only for the benefit of older applications and make them optional downloads?” What probably swung the pendulum to the remove it from the core product side is the fact that the Windows help file format is equivalent to an EXE. (I don’t know this personally; I’m just reading the Wikipedia article.) If somebody can trick you into clicking on a rogue HLP file, they can run arbitrary code and take over your account. The underlying functionality is useful, because you can write help files with links like Click here to open the Options dialog, and clicking the link will actually open the Options dialog (by invoking some accompanying native code that calls whatever APIs are necessary to get that Options dialog to open). WinHelp came from the days before the Internet, when HyperCard was the reigning champion for page-based information presentation. You didn’t have to worry that double-clicking a file on a remote server might take over your computer because you couldn’t contact remote servers in the first place! (And if you could, it was because you were on a local-area network where all the computers were operated by your co-workers or other people you trusted.) As I recall, there are some help-file-based viruses out there, so the security aspect is not merely a theoretical discussion. Removing the attack surface from the default configuration reduces the value of the help file attack. (Historians may note that HyperCard also permitted execution of arbitrary native code attached to a HyperCard deck. There were also HyperCard viruses.)

But now that you mention WinHelp, I remember a story about the little pen-writing-in-book animation that appears when the help engine is “preparing Help file for first use” (whatever that means). I’ll take that up tomorrow.


Discussion is closed.

Feedback usabilla icon