
	`About \| Buy Stuff \| News \| Products \| Rants \| Search \| Security`

Home » News » Roundups

SP2: The Other Shoe

20 August 2004 19:52 UTC
Barely hours after users started securing their PCs with Windows XP Service Pack 2, security experts have found ways around it.

Discoveries by security firms Secunia and German Heise show that holes have been left open in Windows XP Service Pack 2.

Malicious programs can hide as images and automatically install and run when Windows is restarted.

All these exploits work with Windows XP Service Pack 2.

Heise found that the selfsame program Microsoft wrote to warn users of running untrusted files can itself be subverted: it is possible to run files downloaded off the Internet without users being warned of what is happening.

Representatives of Microsoft who Heise contacted claimed they didn't need to fix the Service Pack 2 code for the flaw [sic].

Microsoft have otherwise already released a first bug-fix for Windows XP Service Pack 2.

Flaws in SP2 security features
http://heise.de/security/artikel/50051

MSIE Drag-Drop Vulnerability
http://secunia.com/advisories/12321

A Matter of Trust (by Jürgen Schmidt)
http://radsoft.net/resources/rants/20040820,00.html

SP2: The Other Shoe

Flaws in SP2 security featureshttp://heise.de/security/artikel/50051MSIE Drag-Drop Vulnerabilityhttp://secunia.com/advisories/12321A Matter of Trust (by Jürgen Schmidt)http://radsoft.net/resources/rants/20040820,00.html

Flaws in SP2 security features
http://heise.de/security/artikel/50051

MSIE Drag-Drop Vulnerability
http://secunia.com/advisories/12321

A Matter of Trust (by Jürgen Schmidt)
http://radsoft.net/resources/rants/20040820,00.html