|Home » Industry Watch
SP2: The Other Shoe
Barely hours after users started securing their PCs with Windows XP Service Pack 2, security experts have found ways around it.
Discoveries by security firms Secunia and German Heise show that holes have been left open in Windows XP Service Pack 2.
Malicious programs can hide as images and automatically install and run when Windows is restarted.
All these exploits work with Windows XP Service Pack 2.
Heise found that the selfsame program Microsoft wrote to warn users of running untrusted files can itself be subverted: it is possible to run files downloaded off the Internet without users being warned of what is happening.
Representatives of Microsoft who Heise contacted claimed they did not need to fix the Service Pack 2 code for the flaw [sic].
Microsoft have otherwise already released a first bug-fix for Windows XP Service Pack 2.
Flaws in SP2 security features
MSIE Drag-Drop Vulnerability