Forums - Computer music & technology
Subject: XP security hole !
Viewing all 9 messages - View by pages of 10: 1
Original Message 1/9 22-Dec-01 @ 02:40 AM - XP security hole !
___________________________________
I had an idea for a script once. It's basically Jaws except when the guys in the boat are going after Jaws, they look around and there's an even bigger Jaws. The guys have to team up with Jaws to get Bigger Jaws.... I call it... Big Jaws!!!
Message 2/9 22-Dec-01 @ 02:42 AM Edit: 22-Dec-01 | 02:46 AM - RE: XP security hole !
Vulnerability of Internet-connected PCs using Microsoft's new operating system stems from its plug-and-play feature
SAN FRANCISCO - Microsoft has announced that its flagship Windows XP operating system has a major security flaw that allows hackers to erase files from - or take control of - Internet-connected computers.
More than seven million XP users also face the prospect of their PCs being turned into 'zombies', directed secretly by hackers to attack other computers.
'This is a serious vulnerability,' said Mr Scott Culp, manager of Microsoft's security response centre.
Security experts called the vulnerability particularly glaring - and galling, given Microsoft's touting of the XP operating system as among its most secure.
Experts blamed the error partly on Microsoft's attempts to make its products easier to use. In the process, the company sometimes creates default software settings to save users headaches, but those settings later prove insecure.
In this case, the flaw stems from XP's 'universal plug-and-play' feature, which allows users to easily connect devices such as printers over a network. But it also opens a trapdoor for hackers.
Microsoft urged XP users to visit the Microsoft website to download a free software 'patch' that fixes the problem. Some users of Windows 98 are also affected.
'We're going out and asking every Windows XP user on the planet to install this patch,' Mr Culp said. 'It has got to work.'
Microsoft learned of the problems more than a month ago and has been preparing the patches since then.
The software giant conducted research to see if hackers had begun to exploit the problem, but found no such evidence. If it had, Microsoft would have alerted users even before the patch was prepared, Mr Culp said.
Now that it has been publicly disclosed, hackers will exploit the flaw, he said. 'Count on it.'
Mr Tim Belcher, chief technical officer of Riptech, a security-monitoring company in Alexandria, Virginia, said it was likely that more XP security flaws will come to light, given the sheer scale of the software, with its millions of lines of programming instructions.
'The operating system is so inclusive that there are bound to be many significant oversights,' he said.
___________________________________
I had an idea for a script once. It's basically Jaws except when the guys in the boat are going after Jaws, they look around and there's an even bigger Jaws. The guys have to team up with Jaws to get Bigger Jaws.... I call it... Big Jaws!!!
Message 3/9 22-Dec-01 @ 02:49 AM - RE: XP security hole !
A computer forensics expert and retired federal agent is trying to convince the U.S. government that Windows XP is a threat to national security and its distribution should be postponed.
chuckle..
___________________________________
I had an idea for a script once. It's basically Jaws except when the guys in the boat are going after Jaws, they look around and there's an even bigger Jaws. The guys have to team up with Jaws to get Bigger Jaws.... I call it... Big Jaws!!!
Message 4/9 22-Dec-01 @ 02:56 AM - RE: XP security hole !
Message 5/9 23-Dec-01 @ 03:04 AM - RE: XP security hole !
Why use this? What advantages? W2k works just fine and has been through its growing pains.
Novell had this http issue a couple of years ago.
Message 6/9 24-Dec-01 @ 03:23 PM - RE: XP security hole !
Damn, where'd it go..
It was glaring but easily stoppable..
-Craig
Message 7/9 24-Dec-01 @ 03:24 PM - RE: XP security hole !
Security vendors are warning of new Microsoft vulnerabilities
that affect PCs running the company's Universal Plug and Play
architecture. That architecture ships in Windows XP, but also
can be installed in Windows 98, 98 SE, and ME. According to a
security bulletin published Thursday by Microsoft, remote
attackers have the ability, through a buffer overflow, to gain
control of a victim's system. The attacker could run apps or
use the PC as part of a denial-of-service attack. Microsoft has
published its security bulletin MS01-059 as well as patches at
http://update.informationweek.com/cgi-bin4/flo?y=eFRZ0BdUwP0V20NU30An .
Jim Magdych, director of Covert Labs for Network Associates
Inc., says users running the plug-and-play architecture and who
aren't blocking ports 1900 and 5000 are vulnerable. Magdych
says it's just a matter of time before someone publishes
automated tools to exploit this vulnerability or unleashes an
automated exploit such as Code Red. EEye Digital Security, the
same company that discovered the flaw in Microsoft's Internet
Information Services that was capitalized on by the author of
Code Red, also found this security hole. - George V. Hulme
Message 8/9 03-Jan-02 @ 07:40 AM - RE: XP security hole !
Message 9/9 03-Jan-02 @ 02:39 PM - RE: XP security hole !
![](smiley.gif)
I'm thrilled with my XP box.
-Craig
Viewing all 9 messages - View by pages of 10: 1
There are 9 total messages for this topic
Reply to Thread
You need to register/login to use the forum.
Click here to Signup or Login !
[you'll be brought right back to this point after signing up]
Back to Forum