Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Search | Test
Home » Industry Watch

SP2: The Other Shoe

Barely hours after users started securing their PCs with Windows XP Service Pack 2, security experts have found ways around it.

Discoveries by security firms Secunia and German Heise show that holes have been left open in Windows XP Service Pack 2.

Malicious programs can hide as images and automatically install and run when Windows is restarted.

All these exploits work with Windows XP Service Pack 2.

Heise found that the selfsame program Microsoft wrote to warn users of running untrusted files can itself be subverted: it is possible to run files downloaded off the Internet without users being warned of what is happening.

Representatives of Microsoft who Heise contacted claimed they did not need to fix the Service Pack 2 code for the flaw [sic].

Microsoft have otherwise already released a first bug-fix for Windows XP Service Pack 2.


Flaws in SP2 security features
http://heise.de/security/artikel/50051


MSIE Drag-Drop Vulnerability
http://secunia.com/advisories/12321

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.